
unknown infection


12 replies to this topic

#1 UniversalM


Posted 31 December 2010 - 06:32 AM

Yes, upon opening up yahoo messenger the first error screen was C:/windows/system32/es.dll. Subsequent openings or error screens as follows: SystemPropertiesProtection.exe; winlogon.exe hard error; PSTOREC.DLL winmail.exe....system restore, catastrophic failure when attempting to re-set. Computer crashes etc. I thank you in advance for your time and attention, UniversalM...danadbenson


DDS (Ver_10-12-12.02) - NTFSx86
Run by danadbenson at 11:36:05.37 on Fri 12/31/2010
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.731 [GMT 1:00]

AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: IObit Security 360 *Enabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\IObit\IObit Security 360\is360tray.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Most Popular Solitaire\mpsol.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\danadbenson\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
uURLSearchHooks: Advanced Searchbar: {57f02779-3d88-4958-8ad3-83c12d86adc7} - c:\program files\advancedsearchbar\advancedsearchbar.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Yahooo Search Protection: {25bc7718-0bfa-40ea-b381-4b2d9732d686} - c:\program files\yahoo!\search protection\ysp.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Advanced Searchbar: {cdeec43d-3572-4e95-a2a5-f519d29f00c0} - c:\progra~1\advanc~1\ADVANC~1.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
TB: Advanced Searchbar: {57f02779-3d88-4958-8ad3-83c12d86adc7} - c:\program files\advancedsearchbar\advancedsearchbar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Mobile Partner] "c:\program files\mobile partner\Mobile Partner.exe"
uRun: [Sidebar] c:\program files\windows sidebar\SideBar.exe /autoRun
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot
mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {57F02779-3D88-4958-8AD3-83C12D86ADC7} - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - c:\program files\advancedsearchbar\advancedsearchbar.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {C4FC0073-7EE6-42FB-889E-8C0538301E5D} = 194.230.1.103 194.230.1.71
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 151216]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-12-30 312152]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-12-29 1153368]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-12-2 42368]
R3 NETwLv32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2010-8-29 6637056]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-3-31 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-3-31 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-3-31 30976]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-3-31 807424]
RUnknown SASDIFSV;SASDIFSV; [x]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-5-17 21504]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2010-5-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2010-5-10 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2010-5-10 1089536]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-12-31 10:07:19 -------- d-----w- c:\users\danadb~1\appdata\roaming\SUPERAntiSpyware.com
2010-12-31 10:07:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-12-30 18:32:06 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com
2010-12-30 14:16:10 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-12-30 14:16:10 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-12-30 14:16:10 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-12-30 14:16:10 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-12-30 14:16:10 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-12-30 14:16:00 -------- d-----w- c:\users\danadb~1\appdata\roaming\Simply Super Software
2010-12-30 14:16:00 -------- d-----w- c:\program files\Trojan Remover
2010-12-30 14:16:00 -------- d-----w- c:\progra~2\Simply Super Software
2010-12-30 13:45:31 -------- d-sh--w- C:\found.000
2010-12-30 13:08:17 -------- d-----w- c:\progra~2\XoftSpySE
2010-12-29 20:23:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-29 20:22:58 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-29 20:22:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-29 19:42:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-12-28 07:50:03 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{a32ed457-40e3-4442-bdd7-4635bce60112}\mpengine.dll
2010-12-08 16:08:23 421888 ----a-w- c:\windows\system32\ac3filter.acm
2010-12-08 16:08:15 -------- d-----w- c:\program files\XP Codec Pack

==================== Find3M ====================

2010-12-30 18:15:38 42496 ----a-w- c:\windows\system32\pstorec.dll
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-13 11:31:05 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-10-06 14:07:17 172032 ----a-w- c:\windows\system32\AniGIF.ocx

============= FINISH: 11:37:15.81 ===============


 


#2 Casey_boy

  • Malware Response Team

Posted 07 January 2011 - 09:15 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.




#3 UniversalM


Posted 07 January 2011 - 01:34 PM

Thank you for responding. First, I want to say, that I stripped and reformatted my computer in the last 4 days....and yesterday, again, the Highjacker showed up in my Malwarebytes log. There were two of them...HKEY_LOCAL_MACHINE/SOFTWARE/microsoft....bak application ...reg value and reg data. Out of sheer exhaustion, I downloaded superantispyware also....and ran both of these as well as microsoft security essentials. Now, today, I have not had any showing of the highjacker showing in my report logs. However, I want to mention, that prior to my stripping and reformatting, the antispyware did not report the highjacker at all, even though it was in the machine, until I reformatted.

Unless, from the information I have given above, you still believe that I need to go through the process you have given here again, I would like to leave this a couple days and see if the spyware etc, keeps the highjacker at bay, and be free to come again. The computer appears to be working ok. Is this possible? I thank you....UniversalM....

#4 UniversalM


Posted 08 January 2011 - 05:03 AM

Hello Casey or whom?.....I am adding another post to say, I remembered last night, that I had disabled the CD emulation for the logs I originally created for submission of my problem to you....so I went back this morning to the defogger, and it would not re-enable.....do I have another problem?......Is there a way to re-enable this manually or does it just revert when re-booting? thank you in advance....Universal M

#5 Judicandus

  • Malware Response Team

Posted 08 January 2011 - 07:33 AM

Hi Universal,

I'm Judicandus and I'll be taking over with your malware removal process. (if there is still anything :D )

Could you please open the Malwarebytes log which has the infection reported so I know exactly what are the keys and values detected? It could also be a false positive.

Please try rebooting and see if you can enable cd emulation again.

#6 UniversalM


Posted 08 January 2011 - 07:43 AM

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5447

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1/6/2011 7:50:53 PM
mbam-log-2011-01-06 (19-50-53).txt

Scan type: Full scan (C:\|)
Objects scanned: 255420
Time elapsed: 1 hour(s), 4 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5447

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1/6/2011 6:45:24 PM
mbam-log-2011-01-06 (18-45-24).txt

Scan type: Quick scan
Objects scanned: 131302
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Not selected for removal.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Hi Judicandus....I have copied here every log with an infection reported.....and like I said, no instance, I think yet, since stripping, of the highjacker trojan.....so?????

and after reboot....how do I tell if the CD emulation is returned or not.....thank you so much....UniversalM

#7 Judicandus

  • Malware Response Team

Posted 08 January 2011 - 08:03 AM

Hi Universal,

Is your cd emulating software working correctly? Can you mount cd images into the virtual drive?

The registry keys that Malwarebytes detected as infected could be referenced to another program which you installed on your system (in particular from "trusted software").
It doesn't seem to me your computer is infected ;)

#8 UniversalM


Posted 08 January 2011 - 08:07 AM

I am kinda laughing.....I don't know if my CD emulation is working or not....nor do I know if I can mount CD images in the virtual drive or not....I am not too fancy...just patient at times.....and no, I don't think it's infected now...but I am so paranoid.....it was a mess....thank you so much

#9 Judicandus

  • Malware Response Team

Posted 08 January 2011 - 08:12 AM

Hi Universal :)

I just took a look at your logs again, you don't actually have any cd emulating software installed so no need to worry about it ;)

I did notice in your past log though that you had installed MSE and Iobit 360. I personally do not suggest you use Iobit 360. Please read this: http://www.security-forums.com/viewtopic.php?t=58533&sid=b36c4ebbc56292762434514f0cb1097e

Also, it is never good to run two antiviruses at the same time, they can many times conflict between themselves and cause blue screens and system errors.

Regarding that registry key, please send me an RSIT log so I can take a look at the programs installed on your computer:

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)


#10 UniversalM


Posted 08 January 2011 - 08:21 AM

Logfile of random's system information tool 1.08 (written by random/random)
Run by UniversalMessenger at 2011-01-08 14:16:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 130 GB (71%) free of 184 GB
Total RAM: 2038 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:17:32 PM, on 1/8/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Most Popular Solitaire\mpsol.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\UniversalMessenger\Desktop\RSIT.exe
C:\Program Files\trend micro\UniversalMessenger.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Secunia PSI Tray.lnk = ?
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FEE9D8F-FF2D-4148-A314-7CD57F0884BA}: NameServer = 194.230.1.103 194.230.1.71
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 6708 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Free File Viewer Update Checker.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2010-11-15 1382712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25BC7718-0BFA-40EA-B381-4B2D9732D686}]
Yahooo Search Protection - C:\Program Files\Yahoo!\Search Protection\ysp.dll [2010-04-01 578872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-01-01 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2010-11-15 163128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2010-11-15 1382712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2006-11-13 118784]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-12-14 2424560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2007-03-24 154392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2007-03-24 138008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-01-23 321656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetFxUpdate_v1.1.4322]
C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-11 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2007-03-24 133912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [2010-12-21 291896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-03-24 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-02-13 98304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-08 14:16:52 ----D---- C:\Program Files\trend micro
2011-01-08 14:16:50 ----D---- C:\rsit
2011-01-08 11:45:31 ----D---- C:\fcc9e8794e3913a129a4c888a1
2011-01-07 19:03:20 ----D---- C:\Program Files\Windows Portable Devices
2011-01-07 18:48:57 ----D---- C:\Program Files\Windows Live
2011-01-07 18:43:22 ----A---- C:\Windows\system32\webservices.dll
2011-01-07 18:43:05 ----A---- C:\Windows\system32\UIAnimation.dll
2011-01-07 18:43:04 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-01-07 18:43:03 ----A---- C:\Windows\system32\UIRibbon.dll
2011-01-07 18:42:28 ----A---- C:\Windows\system32\WMPhoto.dll
2011-01-07 18:42:27 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-07 18:42:27 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-07 18:42:27 ----A---- C:\Windows\system32\cdd.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-01-07 18:42:26 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\dxdiagn.dll
2011-01-07 18:42:26 ----A---- C:\Windows\system32\dxdiag.exe
2011-01-07 18:42:26 ----A---- C:\Windows\system32\d2d1.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\xpsservices.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\OpcServices.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\FntCache.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\dxgi.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\DWrite.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\d3d11.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\d3d10level9.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\d3d10core.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-07 18:42:25 ----A---- C:\Windows\system32\d3d10.dll
2011-01-07 18:41:40 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2011-01-07 18:41:40 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-01-07 18:41:40 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2011-01-07 18:41:34 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\WPDSp.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\wpdshext.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\wpd_ci.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2011-01-07 18:41:31 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-01-07 18:39:52 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-01-07 18:39:52 ----A---- C:\Windows\system32\oleaccrc.dll
2011-01-07 18:39:52 ----A---- C:\Windows\system32\oleacc.dll
2011-01-07 12:52:47 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\SUPERAntiSpyware.com
2011-01-07 12:52:47 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-01-07 12:52:36 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-07 12:17:27 ----D---- C:\ProgramData\PC Tools
2011-01-07 12:17:27 ----D---- C:\Program Files\Spyware Doctor
2011-01-07 12:17:17 ----AD---- C:\ProgramData\TEMP
2011-01-07 11:31:33 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\GetRightToGo
2011-01-07 09:18:51 ----D---- C:\Program Files\Free Offers from Freeze.com
2011-01-06 21:24:13 ----D---- C:\Windows\system32\WindowsPowerShell
2011-01-06 21:24:03 ----A---- C:\Windows\system32\WsmAuto.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\winrssrv.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\winrsmgr.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\winrshost.exe
2011-01-06 21:24:03 ----A---- C:\Windows\system32\winrscmd.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\winrs.exe
2011-01-06 21:24:03 ----A---- C:\Windows\system32\wevtfwd.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\wecutil.exe
2011-01-06 21:24:03 ----A---- C:\Windows\system32\wecsvc.dll
2011-01-06 21:24:03 ----A---- C:\Windows\system32\wecapi.dll
2011-01-06 21:24:02 ----A---- C:\Windows\system32\WsmWmiPl.dll
2011-01-06 21:24:02 ----A---- C:\Windows\system32\WsmSvc.dll
2011-01-06 21:24:02 ----A---- C:\Windows\system32\WsmRes.dll
2011-01-06 21:24:02 ----A---- C:\Windows\system32\wsmprovhost.exe
2011-01-06 21:24:02 ----A---- C:\Windows\system32\wsmplpxy.dll
2011-01-06 21:24:02 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2011-01-06 21:24:02 ----A---- C:\Windows\system32\winrm.vbs
2011-01-06 21:24:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2011-01-05 07:58:41 ----D---- C:\Windows\pss
2011-01-04 17:41:41 ----D---- C:\Program Files\MSECache
2011-01-04 10:31:37 ----D---- C:\Windows\system32\eu-ES
2011-01-04 10:31:37 ----D---- C:\Windows\system32\ca-ES
2011-01-04 10:31:29 ----D---- C:\Windows\system32\vi-VN
2011-01-04 10:08:08 ----D---- C:\Windows\system32\EventProviders
2011-01-04 10:06:56 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2011-01-04 10:06:51 ----A---- C:\Windows\system32\SLsvc.exe
2011-01-04 10:06:51 ----A---- C:\Windows\system32\SLCExt.dll
2011-01-04 10:06:48 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2011-01-04 10:06:48 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2011-01-04 10:06:45 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2011-01-04 10:06:42 ----A---- C:\Windows\system32\mssrch.dll
2011-01-04 10:06:38 ----A---- C:\Windows\system32\drivers\spsys.sys
2011-01-04 10:06:37 ----A---- C:\Windows\system32\tquery.dll
2011-01-04 10:06:36 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2011-01-04 10:06:35 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-01-04 10:06:34 ----A---- C:\Windows\system32\scavenge.dll
2011-01-04 10:06:32 ----A---- C:\Windows\system32\msi.dll
2011-01-04 10:06:31 ----A---- C:\Windows\system32\imapi2fs.dll
2011-01-04 10:06:29 ----A---- C:\Windows\system32\WscEapPr.dll
2011-01-04 10:06:29 ----A---- C:\Windows\system32\wcnwiz2.dll
2011-01-04 10:06:29 ----A---- C:\Windows\system32\sysmain.dll
2011-01-04 10:06:27 ----A---- C:\Windows\system32\icardagt.exe
2011-01-04 10:06:26 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-01-04 10:06:25 ----A---- C:\Windows\system32\EhStorShell.dll
2011-01-04 10:06:23 ----A---- C:\Windows\system32\spreview.exe
2011-01-04 10:06:23 ----A---- C:\Windows\system32\spinstall.exe
2011-01-04 10:06:23 ----A---- C:\Windows\system32\drmv2clt.dll
2011-01-04 10:06:22 ----A---- C:\Windows\system32\spwizui.dll
2011-01-04 10:06:22 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-01-04 10:06:19 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-01-04 10:06:19 ----A---- C:\Windows\system32\p2psvc.dll
2011-01-04 10:06:18 ----A---- C:\Windows\system32\mssvp.dll
2011-01-04 10:06:17 ----A---- C:\Windows\system32\mssphtb.dll
2011-01-04 10:06:17 ----A---- C:\Windows\system32\mssph.dll
2011-01-04 10:06:17 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2011-01-04 10:06:16 ----A---- C:\Windows\system32\imapi2.dll
2011-01-04 10:06:15 ----A---- C:\Windows\system32\sdohlp.dll
2011-01-04 10:06:14 ----A---- C:\Windows\system32\IMJP10K.DLL
2011-01-04 10:06:14 ----A---- C:\Windows\system32\esent.dll
2011-01-04 10:06:13 ----A---- C:\Windows\system32\sperror.dll
2011-01-04 10:06:13 ----A---- C:\Windows\system32\DevicePairing.dll
2011-01-04 10:06:12 ----A---- C:\Windows\system32\wevtsvc.dll
2011-01-04 10:06:12 ----A---- C:\Windows\system32\korwbrkr.dll
2011-01-04 10:06:11 ----A---- C:\Windows\system32\SLC.dll
2011-01-04 10:06:11 ----A---- C:\Windows\system32\IasMigReader.exe
2011-01-04 10:06:08 ----A---- C:\Windows\system32\msjet40.dll
2011-01-04 10:06:08 ----A---- C:\Windows\system32\MPSSVC.dll
2011-01-04 10:06:06 ----A---- C:\Windows\system32\Query.dll
2011-01-04 10:06:06 ----A---- C:\Windows\system32\qmgr.dll
2011-01-04 10:06:05 ----A---- C:\Windows\system32\P2PGraph.dll
2011-01-04 10:06:05 ----A---- C:\Windows\system32\msexch40.dll
2011-01-04 10:06:05 ----A---- C:\Windows\system32\diagperf.dll
2011-01-04 10:06:03 ----A---- C:\Windows\system32\winload.exe
2011-01-04 10:06:03 ----A---- C:\Windows\system32\srchadmin.dll
2011-01-04 10:06:03 ----A---- C:\Windows\system32\ntdll.dll
2011-01-04 10:06:02 ----A---- C:\Windows\system32\uDWM.dll
2011-01-04 10:06:02 ----A---- C:\Windows\system32\mmc.exe
2011-01-04 10:06:02 ----A---- C:\Windows\system32\mblctr.exe
2011-01-04 10:06:02 ----A---- C:\Windows\system32\EncDec.dll
2011-01-04 10:06:01 ----A---- C:\Windows\system32\riched20.dll
2011-01-04 10:06:01 ----A---- C:\Windows\system32\IasMigPlugin.dll
2011-01-04 10:06:01 ----A---- C:\Windows\system32\dfsr.exe
2011-01-04 10:06:00 ----A---- C:\Windows\system32\RacEngn.dll
2011-01-04 10:06:00 ----A---- C:\Windows\system32\fdBth.dll
2011-01-04 10:05:59 ----A---- C:\Windows\system32\kernel32.dll
2011-01-04 10:05:58 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-01-04 10:05:58 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-01-04 10:05:58 ----A---- C:\Windows\system32\milcore.dll
2011-01-04 10:05:58 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-01-04 10:05:58 ----A---- C:\Windows\system32\CertEnroll.dll
2011-01-04 10:05:57 ----A---- C:\Windows\system32\spoolss.dll
2011-01-04 10:05:57 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-01-04 10:05:56 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2011-01-04 10:05:55 ----A---- C:\Windows\system32\msvcp60.dll
2011-01-04 10:05:55 ----A---- C:\Windows\system32\msjtes40.dll
2011-01-04 10:05:55 ----A---- C:\Windows\system32\infocardapi.dll
2011-01-04 10:05:55 ----A---- C:\Windows\system32\gpedit.dll
2011-01-04 10:05:54 ----A---- C:\Windows\system32\WinSAT.exe
2011-01-04 10:05:53 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-01-04 10:05:53 ----A---- C:\Windows\system32\es.dll
2011-01-04 10:05:52 ----A---- C:\Windows\system32\mstext40.dll
2011-01-04 10:05:52 ----A---- C:\Windows\system32\Magnify.exe
2011-01-04 10:05:52 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-01-04 10:05:52 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-01-04 10:05:52 ----A---- C:\Windows\system32\advapi32.dll
2011-01-04 10:05:51 ----A---- C:\Windows\system32\WebClnt.dll
2011-01-04 10:05:51 ----A---- C:\Windows\system32\slwmi.dll
2011-01-04 10:05:51 ----A---- C:\Windows\system32\msexcl40.dll
2011-01-04 10:05:50 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2011-01-04 10:05:50 ----A---- C:\Windows\system32\vssapi.dll
2011-01-04 10:05:50 ----A---- C:\Windows\system32\msxbde40.dll
2011-01-04 10:05:50 ----A---- C:\Windows\system32\comsvcs.dll
2011-01-04 10:05:49 ----A---- C:\Windows\system32\authui.dll
2011-01-04 10:05:48 ----A---- C:\Windows\system32\NetProjW.dll
2011-01-04 10:05:47 ----A---- C:\Windows\system32\propsys.dll
2011-01-04 10:05:47 ----A---- C:\Windows\system32\newdev.dll
2011-01-04 10:05:47 ----A---- C:\Windows\system32\msrepl40.dll
2011-01-04 10:05:46 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-01-04 10:05:46 ----A---- C:\Windows\system32\iasrecst.dll
2011-01-04 10:05:46 ----A---- C:\Windows\system32\gpsvc.dll
2011-01-04 10:05:46 ----A---- C:\Windows\system32\eudcedit.exe
2011-01-04 10:05:46 ----A---- C:\Windows\system32\crypt32.dll
2011-01-04 10:05:46 ----A---- C:\Windows\explorer.exe
2011-01-04 10:05:45 ----A---- C:\Windows\system32\setupapi.dll
2011-01-04 10:05:45 ----A---- C:\Windows\system32\rpcss.dll
2011-01-04 10:05:45 ----A---- C:\Windows\system32\mspbde40.dll
2011-01-04 10:05:44 ----A---- C:\Windows\system32\msltus40.dll
2011-01-04 10:05:44 ----A---- C:\Windows\system32\mfc42.dll
2011-01-04 10:05:44 ----A---- C:\Windows\system32\davclnt.dll
2011-01-04 10:05:44 ----A---- C:\Windows\system32\d3d9.dll
2011-01-04 10:05:43 ----A---- C:\Windows\system32\shlwapi.dll
2011-01-04 10:05:43 ----A---- C:\Windows\system32\msrd3x40.dll
2011-01-04 10:05:43 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2011-01-04 10:05:43 ----A---- C:\Windows\system32\EhStorAuthn.dll
2011-01-04 10:05:42 ----A---- C:\Windows\system32\wevtapi.dll
2011-01-04 10:05:42 ----A---- C:\Windows\system32\photowiz.dll
2011-01-04 10:05:42 ----A---- C:\Windows\system32\msdtctm.dll
2011-01-04 10:05:42 ----A---- C:\Windows\system32\browseui.dll
2011-01-04 10:05:41 ----A---- C:\Windows\system32\nlhtml.dll
2011-01-04 10:05:40 ----A---- C:\Windows\system32\user32.dll
2011-01-04 10:05:40 ----A---- C:\Windows\system32\samsrv.dll
2011-01-04 10:05:40 ----A---- C:\Windows\system32\ci.dll
2011-01-04 10:05:39 ----A---- C:\Windows\system32\win32spl.dll
2011-01-04 10:05:39 ----A---- C:\Windows\system32\WcnNetsh.dll
2011-01-04 10:05:39 ----A---- C:\Windows\system32\SLCommDlg.dll
2011-01-04 10:05:39 ----A---- C:\Windows\system32\oleaut32.dll
2011-01-04 10:05:38 ----A---- C:\Windows\system32\netshell.dll
2011-01-04 10:05:38 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-01-04 10:05:38 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-01-04 10:05:38 ----A---- C:\Windows\system32\compcln.exe
2011-01-04 10:05:37 ----A---- C:\Windows\system32\mswstr10.dll
2011-01-04 10:05:37 ----A---- C:\Windows\system32\apds.dll
2011-01-04 10:05:36 ----A---- C:\Windows\system32\xmlfilter.dll
2011-01-04 10:05:36 ----A---- C:\Windows\system32\msctf.dll
2011-01-04 10:05:36 ----A---- C:\Windows\system32\emdmgmt.dll
2011-01-04 10:05:36 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-01-04 10:05:36 ----A---- C:\Windows\system32\audiosrv.dll
2011-01-04 10:05:35 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-01-04 10:05:35 ----A---- C:\Windows\system32\msvcrt.dll
2011-01-04 10:05:35 ----A---- C:\Windows\system32\gdi32.dll
2011-01-04 10:05:35 ----A---- C:\Windows\system32\drivers\netio.sys
2011-01-04 10:05:34 ----A---- C:\Windows\system32\VSSVC.exe
2011-01-04 10:05:34 ----A---- C:\Windows\system32\SLUI.exe
2011-01-04 10:05:34 ----A---- C:\Windows\system32\mfc42u.dll
2011-01-04 10:05:34 ----A---- C:\Windows\system32\eapphost.dll
2011-01-04 10:05:33 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-01-04 10:05:33 ----A---- C:\Windows\system32\msrd2x40.dll
2011-01-04 10:05:33 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-01-04 10:05:32 ----A---- C:\Windows\system32\winresume.exe
2011-01-04 10:05:32 ----A---- C:\Windows\system32\propdefs.dll
2011-01-04 10:05:32 ----A---- C:\Windows\system32\odbc32.dll
2011-01-04 10:05:31 ----A---- C:\Windows\system32\shdocvw.dll
2011-01-04 10:05:31 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-01-04 10:05:30 ----A---- C:\Windows\system32\wevtutil.exe
2011-01-04 10:05:30 ----A---- C:\Windows\system32\mssitlb.dll
2011-01-04 10:05:30 ----A---- C:\Windows\system32\dbgeng.dll
2011-01-04 10:05:28 ----A---- C:\Windows\system32\swprv.dll
2011-01-04 10:05:28 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-01-04 10:05:26 ----A---- C:\Windows\system32\vds.exe
2011-01-04 10:05:26 ----A---- C:\Windows\system32\netlogon.dll
2011-01-04 10:05:26 ----A---- C:\Windows\system32\msctfp.dll
2011-01-04 10:05:26 ----A---- C:\Windows\system32\fdBthProxy.dll
2011-01-04 10:05:26 ----A---- C:\Windows\system32\drvinst.exe
2011-01-04 10:05:26 ----A---- C:\Windows\system32\devmgr.dll
2011-01-04 10:05:25 ----A---- C:\Windows\system32\msscb.dll
2011-01-04 10:05:25 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2011-01-04 10:05:25 ----A---- C:\Windows\system32\BFE.DLL
2011-01-04 10:05:25 ----A---- C:\Windows\system32\adsldpc.dll
2011-01-04 10:05:24 ----A---- C:\Windows\system32\wcnwiz.dll
2011-01-04 10:05:24 ----A---- C:\Windows\system32\evr.dll
2011-01-04 10:05:23 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-01-04 10:05:23 ----A---- C:\Windows\system32\Wldap32.dll
2011-01-04 10:05:22 ----A---- C:\Windows\system32\wercon.exe
2011-01-04 10:05:22 ----A---- C:\Windows\system32\services.exe
2011-01-04 10:05:22 ----A---- C:\Windows\system32\comdlg32.dll
2011-01-04 10:05:22 ----A---- C:\Windows\system32\adtschema.dll
2011-01-04 10:05:21 ----A---- C:\Windows\system32\wcncsvc.dll
2011-01-04 10:05:21 ----A---- C:\Windows\system32\mimefilt.dll
2011-01-04 10:05:21 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-01-04 10:05:21 ----A---- C:\Windows\system32\certcli.dll
2011-01-04 10:05:20 ----A---- C:\Windows\system32\mswdat10.dll
2011-01-04 10:05:20 ----A---- C:\Windows\system32\msjter40.dll
2011-01-04 10:05:20 ----A---- C:\Windows\system32\msdtcprx.dll
2011-01-04 10:05:20 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-01-04 10:05:19 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-01-04 10:05:19 ----A---- C:\Windows\system32\rtffilt.dll
2011-01-04 10:05:19 ----A---- C:\Windows\system32\reg.exe
2011-01-04 10:05:19 ----A---- C:\Windows\system32\dnsapi.dll
2011-01-04 10:05:19 ----A---- C:\Windows\system32\certutil.exe
2011-01-04 10:05:18 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-01-04 10:05:18 ----A---- C:\Windows\system32\w32time.dll
2011-01-04 10:05:17 ----A---- C:\Windows\system32\msshooks.dll
2011-01-04 10:05:17 ----A---- C:\Windows\system32\msscntrs.dll
2011-01-04 10:05:17 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-01-04 10:05:17 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-01-04 10:05:17 ----A---- C:\Windows\system32\bthserv.dll
2011-01-04 10:05:17 ----A---- C:\Windows\system32\bcrypt.dll
2011-01-04 10:05:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2011-01-04 10:05:16 ----A---- C:\Windows\system32\rsaenh.dll
2011-01-04 10:05:16 ----A---- C:\Windows\system32\msstrc.dll
2011-01-04 10:05:16 ----A---- C:\Windows\system32\msihnd.dll
2011-01-04 10:05:16 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-01-04 10:05:16 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-01-04 10:05:15 ----A---- C:\Windows\system32\netapi32.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\mtxclu.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\mscories.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\inetpp.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\hidserv.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\fundisc.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2011-01-04 10:05:14 ----A---- C:\Windows\system32\cryptsvc.dll
2011-01-04 10:05:13 ----A---- C:\Windows\system32\termsrv.dll
2011-01-04 10:05:13 ----A---- C:\Windows\system32\profsvc.dll
2011-01-04 10:05:12 ----A---- C:\Windows\system32\wdc.dll
2011-01-04 10:05:12 ----A---- C:\Windows\system32\shsvcs.dll
2011-01-04 10:05:12 ----A---- C:\Windows\system32\msiexec.exe
2011-01-04 10:05:12 ----A---- C:\Windows\system32\imapi.dll
2011-01-04 10:05:12 ----A---- C:\Windows\system32\drivers\pci.sys
2011-01-04 10:05:12 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2011-01-04 10:05:12 ----A---- C:\Windows\system32\chsbrkr.dll
2011-01-04 10:05:11 ----A---- C:\Windows\system32\rasmans.dll
2011-01-04 10:05:11 ----A---- C:\Windows\system32\pnidui.dll
2011-01-04 10:05:11 ----A---- C:\Windows\system32\icardres.dll
2011-01-04 10:05:11 ----A---- C:\Windows\system32\iassdo.dll
2011-01-04 10:05:10 ----A---- C:\Windows\system32\wersvc.dll
2011-01-04 10:05:10 ----A---- C:\Windows\system32\scrrun.dll
2011-01-04 10:05:10 ----A---- C:\Windows\system32\PSHED.DLL
2011-01-04 10:05:10 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-01-04 10:05:10 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2011-01-04 10:05:10 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-01-04 10:05:10 ----A---- C:\Windows\system32\autofmt.exe
2011-01-04 10:05:09 ----A---- C:\Windows\system32\slmgr.vbs
2011-01-04 10:05:09 ----A---- C:\Windows\system32\pdh.dll
2011-01-04 10:05:09 ----A---- C:\Windows\system32\drivers\Storport.sys
2011-01-04 10:05:09 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-01-04 10:05:09 ----A---- C:\Windows\system32\dhcpcsvc.dll
2011-01-04 10:05:09 ----A---- C:\Windows\system32\clfs.sys
2011-01-04 10:05:09 ----A---- C:\Windows\system32\CertEnrollUI.dll
2011-01-04 10:05:09 ----A---- C:\Windows\system32\azroles.dll
2011-01-04 10:05:08 ----A---- C:\Windows\system32\pidgenx.dll
2011-01-04 10:05:08 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-01-04 10:05:07 ----A---- C:\Windows\system32\winlogon.exe
2011-01-04 10:05:07 ----A---- C:\Windows\system32\SyncCenter.dll
2011-01-04 10:05:06 ----A---- C:\Windows\system32\SLUINotify.dll
2011-01-04 10:05:06 ----A---- C:\Windows\system32\msjetoledb40.dll
2011-01-04 10:05:06 ----A---- C:\Windows\system32\drivers\mup.sys
2011-01-04 10:05:06 ----A---- C:\Windows\system32\comuid.dll
2011-01-04 10:05:06 ----A---- C:\Windows\system32\certmgr.dll
2011-01-04 10:05:05 ----A---- C:\Windows\system32\sethc.exe
2011-01-04 10:05:05 ----A---- C:\Windows\system32\ncrypt.dll
2011-01-04 10:05:05 ----A---- C:\Windows\system32\kd1394.dll
2011-01-04 10:05:05 ----A---- C:\Windows\system32\iassam.dll
2011-01-04 10:05:05 ----A---- C:\Windows\system32\drivers\disk.sys
2011-01-04 10:05:04 ----A---- C:\Windows\system32\wisptis.exe
2011-01-04 10:05:04 ----A---- C:\Windows\system32\untfs.dll
2011-01-04 10:05:04 ----A---- C:\Windows\system32\spp.dll
2011-01-04 10:05:04 ----A---- C:\Windows\system32\scrobj.dll
2011-01-04 10:05:04 ----A---- C:\Windows\system32\dwm.exe
2011-01-04 10:05:04 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2011-01-04 10:05:04 ----A---- C:\Windows\system32\drivers\pciidex.sys
2011-01-04 10:05:03 ----A---- C:\Windows\system32\printui.dll
2011-01-04 10:05:03 ----A---- C:\Windows\system32\iasnap.dll
2011-01-04 10:05:03 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-01-04 10:05:03 ----A---- C:\Windows\system32\drivers\pcmcia.sys
2011-01-04 10:05:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-01-04 10:05:03 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2011-01-04 10:05:03 ----A---- C:\Windows\system32\autochk.exe
2011-01-04 10:05:02 ----A---- C:\Windows\system32\winsrv.dll
2011-01-04 10:05:02 ----A---- C:\Windows\system32\drivers\pciide.sys
2011-01-04 10:05:02 ----A---- C:\Windows\system32\drivers\msrpc.sys
2011-01-04 10:05:02 ----A---- C:\Windows\system32\drivers\ecache.sys
2011-01-04 10:05:02 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2011-01-04 10:05:02 ----A---- C:\Windows\system32\autoconv.exe
2011-01-04 10:05:01 ----A---- C:\Windows\system32\wow32.dll
2011-01-04 10:05:01 ----A---- C:\Windows\system32\userenv.dll
2011-01-04 10:05:01 ----A---- C:\Windows\system32\onex.dll
2011-01-04 10:05:01 ----A---- C:\Windows\system32\kdcom.dll
2011-01-04 10:05:01 ----A---- C:\Windows\system32\cscript.exe
2011-01-04 10:05:01 ----A---- C:\Windows\system32\basecsp.dll
2011-01-04 10:05:01 ----A---- C:\Windows\system32\audiodg.exe
2011-01-04 10:05:00 ----A---- C:\Windows\system32\osk.exe
2011-01-04 10:05:00 ----A---- C:\Windows\system32\mswsock.dll
2011-01-04 10:04:59 ----A---- C:\Windows\system32\spcmsg.dll
2011-01-04 10:04:59 ----A---- C:\Windows\system32\RelMon.dll
2011-01-04 10:04:59 ----A---- C:\Windows\system32\kdusb.dll
2011-01-04 10:04:59 ----A---- C:\Windows\system32\drivers\atapi.sys
2011-01-04 10:04:58 ----A---- C:\Windows\system32\winmm.dll
2011-01-04 10:04:58 ----A---- C:\Windows\system32\rdpencom.dll
2011-01-04 10:04:58 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-01-04 10:04:57 ----A---- C:\Windows\system32\WinSCard.dll
2011-01-04 10:04:57 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-01-04 10:04:57 ----A---- C:\Windows\system32\offfilt.dll
2011-01-04 10:04:57 ----A---- C:\Windows\system32\msftedit.dll
2011-01-04 10:04:57 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-01-04 10:04:56 ----A---- C:\Windows\system32\Utilman.exe
2011-01-04 10:04:55 ----A---- C:\Windows\system32\wsepno.dll
2011-01-04 10:04:55 ----A---- C:\Windows\system32\WerFault.exe
2011-01-04 10:04:55 ----A---- C:\Windows\system32\stobject.dll
2011-01-04 10:04:55 ----A---- C:\Windows\system32\SndVol.exe
2011-01-04 10:04:55 ----A---- C:\Windows\system32\mfplat.dll
2011-01-04 10:04:55 ----A---- C:\Windows\system32\diskraid.exe
2011-01-04 10:04:55 ----A---- C:\Windows\system32\apphelp.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\wscript.exe
2011-01-04 10:04:54 ----A---- C:\Windows\system32\wiaservc.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\sysclass.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\prnntfy.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\odbccp32.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\msnetobj.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\mscms.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\mcmde.dll
2011-01-04 10:04:54 ----A---- C:\Windows\system32\adsmsext.dll
2011-01-04 10:04:53 ----A---- C:\Windows\system32\ulib.dll
2011-01-04 10:04:53 ----A---- C:\Windows\system32\iasdatastore.dll
2011-01-04 10:04:53 ----A---- C:\Windows\system32\dsound.dll
2011-01-04 10:04:53 ----A---- C:\Windows\system32\cryptui.dll
2011-01-04 10:04:52 ----A---- C:\Windows\system32\wscntfy.dll
2011-01-04 10:04:52 ----A---- C:\Windows\system32\rastapi.dll
2011-01-04 10:04:52 ----A---- C:\Windows\system32\pnpsetup.dll
2011-01-04 10:04:52 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-01-04 10:04:52 ----A---- C:\Windows\system32\fdProxy.dll
2011-01-04 10:04:51 ----A---- C:\Windows\system32\wlangpui.dll
2011-01-04 10:04:51 ----A---- C:\Windows\system32\ipsecsnp.dll
2011-01-04 10:04:51 ----A---- C:\Windows\system32\gpapi.dll
2011-01-04 10:04:51 ----A---- C:\Windows\system32\diskpart.exe
2011-01-04 10:04:51 ----A---- C:\Windows\system32\brcpl.dll
2011-01-04 10:04:50 ----A---- C:\Windows\system32\wscsvc.dll
2011-01-04 10:04:50 ----A---- C:\Windows\system32\WMVENCOD.DLL
2011-01-04 10:04:50 ----A---- C:\Windows\system32\vdsdyn.dll
2011-01-04 10:04:50 ----A---- C:\Windows\system32\rasapi32.dll
2011-01-04 10:04:50 ----A---- C:\Windows\system32\ntprint.dll
2011-01-04 10:04:50 ----A---- C:\Windows\system32\logman.exe
2011-01-04 10:04:50 ----A---- C:\Windows\system32\iashlpr.dll
2011-01-04 10:04:49 ----A---- C:\Windows\system32\zipfldr.dll
2011-01-04 10:04:49 ----A---- C:\Windows\system32\wusa.exe
2011-01-04 10:04:49 ----A---- C:\Windows\system32\wshext.dll
2011-01-04 10:04:49 ----A---- C:\Windows\system32\regsvc.dll
2011-01-04 10:04:49 ----A---- C:\Windows\system32\mscorier.dll
2011-01-04 10:04:49 ----A---- C:\Windows\system32\iasrad.dll
2011-01-04 10:04:49 ----A---- C:\Windows\system32\findstr.exe
2011-01-04 10:04:48 ----A---- C:\Windows\system32\wpccpl.dll
2011-01-04 10:04:48 ----A---- C:\Windows\system32\netcenter.dll
2011-01-04 10:04:47 ----A---- C:\Windows\system32\wsnmp32.dll
2011-01-04 10:04:47 ----A---- C:\Windows\system32\wer.dll
2011-01-04 10:04:47 ----A---- C:\Windows\system32\themecpl.dll
2011-01-04 10:04:47 ----A---- C:\Windows\system32\rasdlg.dll
2011-01-04 10:04:47 ----A---- C:\Windows\system32\iassvcs.dll
2011-01-04 10:04:47 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-01-04 10:04:44 ----A---- C:\Windows\system32\uxsms.dll
2011-01-04 10:04:44 ----A---- C:\Windows\system32\mssprxy.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\slcc.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\scansetting.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\powrprof.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\ntmarta.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\msutb.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\mstlsapi.dll
2011-01-04 10:04:43 ----A---- C:\Windows\system32\iasads.dll
2011-01-04 10:04:42 ----A---- C:\Windows\system32\powercpl.dll
2011-01-04 10:04:42 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-01-04 10:04:42 ----A---- C:\Windows\system32\networkmap.dll
2011-01-04 10:04:42 ----A---- C:\Windows\system32\mstsc.exe
2011-01-04 10:04:42 ----A---- C:\Windows\system32\iasacct.dll
2011-01-04 10:04:42 ----A---- C:\Windows\system32\drivers\ks.sys
2011-01-04 10:04:42 ----A---- C:\Windows\system32\authz.dll
2011-01-04 10:04:41 ----A---- C:\Windows\system32\sud.dll
2011-01-04 10:04:41 ----A---- C:\Windows\system32\newdev.exe
2011-01-04 10:04:41 ----A---- C:\Windows\system32\dot3svc.dll
2011-01-04 10:04:41 ----A---- C:\Windows\system32\connect.dll
2011-01-04 10:04:40 ----A---- C:\Windows\system32\themeui.dll
2011-01-04 10:04:40 ----A---- C:\Windows\system32\systemcpl.dll
2011-01-04 10:04:40 ----A---- C:\Windows\system32\pcaui.dll
2011-01-04 10:04:40 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-01-04 10:04:39 ----A---- C:\Windows\system32\usercpl.dll
2011-01-04 10:04:39 ----A---- C:\Windows\system32\samlib.dll
2011-01-04 10:04:39 ----A---- C:\Windows\system32\mmci.dll
2011-01-04 10:04:39 ----A---- C:\Windows\system32\autoplay.dll
2011-01-04 10:04:38 ----A---- C:\Windows\system32\wlanpref.dll
2011-01-04 10:04:38 ----A---- C:\Windows\system32\rpchttp.dll
2011-01-04 10:04:38 ----A---- C:\Windows\system32\regapi.dll
2011-01-04 10:04:38 ----A---- C:\Windows\system32\qdvd.dll
2011-01-04 10:04:37 ----A---- C:\Windows\system32\wpcao.dll
2011-01-04 10:04:37 ----A---- C:\Windows\system32\vdsutil.dll
2011-01-04 10:04:37 ----A---- C:\Windows\system32\tapisrv.dll
2011-01-04 10:04:37 ----A---- C:\Windows\system32\msinfo32.exe
2011-01-04 10:04:36 ----A---- C:\Windows\system32\scksp.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\scesrv.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\psisdecd.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\oleprn.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\mpr.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\imm32.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\feclient.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\drivers\exfat.sys
2011-01-04 10:04:36 ----A---- C:\Windows\system32\dot3msm.dll
2011-01-04 10:04:36 ----A---- C:\Windows\system32\AudioSes.dll
2011-01-04 10:04:35 ----A---- C:\Windows\system32\wscisvif.dll
2011-01-04 10:04:35 ----A---- C:\Windows\system32\sdclt.exe
2011-01-04 10:04:35 ----A---- C:\Windows\system32\rekeywiz.exe
2011-01-04 10:04:35 ----A---- C:\Windows\system32\iaspolcy.dll
2011-01-04 10:04:35 ----A---- C:\Windows\system32\Faultrep.dll
2011-01-04 10:04:35 ----A---- C:\Windows\system32\dpapimig.exe
2011-01-04 10:04:35 ----A---- C:\Windows\system32\DeviceEject.exe
2011-01-04 10:04:34 ----A---- C:\Windows\system32\scecli.dll
2011-01-04 10:04:34 ----A---- C:\Windows\system32\rasgcw.dll
2011-01-04 10:04:34 ----A---- C:\Windows\system32\qedit.dll
2011-01-04 10:04:34 ----A---- C:\Windows\system32\pnpui.dll
2011-01-04 10:04:34 ----A---- C:\Windows\system32\perfdisk.dll
2011-01-04 10:04:34 ----A---- C:\Windows\system32\ncryptui.dll
2011-01-04 10:04:34 ----A---- C:\Windows\system32\hdwwiz.exe
2011-01-04 10:04:34 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2011-01-04 10:04:34 ----A---- C:\Windows\system32\certreq.exe
2011-01-04 10:04:33 ----A---- C:\Windows\system32\TSTheme.exe
2011-01-04 10:04:33 ----A---- C:\Windows\system32\spwinsat.dll
2011-01-04 10:04:33 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-01-04 10:04:33 ----A---- C:\Windows\system32\rasplap.dll
2011-01-04 10:04:32 ----A---- C:\Windows\system32\whealogr.dll
2011-01-04 10:04:32 ----A---- C:\Windows\system32\tcpmon.dll
2011-01-04 10:04:32 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-01-04 10:04:32 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-01-04 10:04:32 ----A---- C:\Windows\system32\fdWSD.dll
2011-01-04 10:04:32 ----A---- C:\Windows\system32\drivers\portcls.sys
2011-01-04 10:04:32 ----A---- C:\Windows\system32\cmmon32.exe
2011-01-04 10:04:31 ----A---- C:\Windows\system32\srcore.dll
2011-01-04 10:04:31 ----A---- C:\Windows\system32\SnippingTool.exe
2011-01-04 10:04:31 ----A---- C:\Windows\system32\SCardSvr.dll
2011-01-04 10:04:31 ----A---- C:\Windows\system32\raschap.dll
2011-01-04 10:04:31 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-01-04 10:04:31 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2011-01-04 10:04:31 ----A---- C:\Windows\system32\conime.exe
2011-01-04 10:04:31 ----A---- C:\Windows\system32\cmdial32.dll
2011-01-04 10:04:30 ----A---- C:\Windows\system32\wlanui.dll
2011-01-04 10:04:30 ----A---- C:\Windows\system32\wiaaut.dll
2011-01-04 10:04:30 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-01-04 10:04:30 ----A---- C:\Windows\system32\fontext.dll
2011-01-04 10:04:30 ----A---- C:\Windows\system32\drivers\npfs.sys
2011-01-04 10:04:30 ----A---- C:\Windows\system32\drivers\afd.sys
2011-01-04 10:04:29 ----A---- C:\Windows\system32\WMVXENCD.DLL
2011-01-04 10:04:29 ----A---- C:\Windows\system32\shwebsvc.dll
2011-01-04 10:04:29 ----A---- C:\Windows\system32\rasppp.dll
2011-01-04 10:04:29 ----A---- C:\Windows\system32\PnPutil.exe
2011-01-04 10:04:29 ----A---- C:\Windows\system32\dsprop.dll
2011-01-04 10:04:28 ----A---- C:\Windows\system32\shsetup.dll
2011-01-04 10:04:28 ----A---- C:\Windows\system32\oobefldr.dll
2011-01-04 10:04:28 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-01-04 10:04:28 ----A---- C:\Windows\system32\drivers\pacer.sys
2011-01-04 10:04:28 ----A---- C:\Windows\system32\dimsroam.dll
2011-01-04 10:04:27 ----A---- C:\Windows\system32\rasmontr.dll
2011-01-04 10:04:27 ----A---- C:\Windows\system32\mscandui.dll
2011-01-04 10:04:27 ----A---- C:\Windows\system32\modemui.dll
2011-01-04 10:04:26 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-01-04 10:04:26 ----A---- C:\Windows\system32\dataclen.dll
2011-01-04 10:04:26 ----A---- C:\Windows\system32\chtbrkr.dll
2011-01-04 10:04:25 ----A---- C:\Windows\system32\wlgpclnt.dll
2011-01-04 10:04:25 ----A---- C:\Windows\system32\rdpwsx.dll
2011-01-04 10:04:25 ----A---- C:\Windows\system32\drivers\fastfat.sys
2011-01-04 10:04:25 ----A---- C:\Windows\system32\blackbox.dll
2011-01-04 10:04:24 ----A---- C:\Windows\system32\WSDMon.dll
2011-01-04 10:04:24 ----A---- C:\Windows\system32\wmpeffects.dll
2011-01-04 10:04:24 ----A---- C:\Windows\system32\smss.exe
2011-01-04 10:04:24 ----A---- C:\Windows\system32\netplwiz.dll
2011-01-04 10:04:24 ----A---- C:\Windows\system32\credui.dll
2011-01-04 10:04:23 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-01-04 10:04:23 ----A---- C:\Windows\system32\drivers\ohci1394.sys
2011-01-04 10:04:23 ----A---- C:\Windows\system32\certprop.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\wscapi.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\wpcsvc.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\networkexplorer.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\msscp.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\logagent.exe
2011-01-04 10:04:22 ----A---- C:\Windows\system32\InkEd.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\ifmon.dll
2011-01-04 10:04:22 ----A---- C:\Windows\system32\gpresult.exe
2011-01-04 10:04:22 ----A---- C:\Windows\system32\cipher.exe
2011-01-04 10:04:21 ----A---- C:\Windows\system32\thawbrkr.dll
2011-01-04 10:04:21 ----A---- C:\Windows\system32\softkbd.dll
2011-01-04 10:04:21 ----A---- C:\Windows\system32\sendmail.dll
2011-01-04 10:04:21 ----A---- C:\Windows\system32\msimtf.dll
2011-01-04 10:04:21 ----A---- C:\Windows\system32\drivers\watchdog.sys
2011-01-04 10:04:20 ----A---- C:\Windows\system32\olepro32.dll
2011-01-04 10:04:20 ----A---- C:\Windows\system32\msctfui.dll
2011-01-04 10:04:20 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-01-04 10:04:20 ----A---- C:\Windows\system32\drivers\smb.sys
2011-01-04 10:04:20 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-01-04 10:04:20 ----A---- C:\Windows\system32\dmsynth.dll
2011-01-04 10:04:19 ----A---- C:\Windows\system32\puiapi.dll
2011-01-04 10:04:19 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-01-04 10:04:19 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-01-04 10:04:18 ----A---- C:\Windows\system32\wshbth.dll
2011-01-04 10:04:18 ----A---- C:\Windows\system32\version.dll
2011-01-04 10:04:18 ----A---- C:\Windows\system32\SLLUA.exe
2011-01-04 10:04:18 ----A---- C:\Windows\system32\msisip.dll
2011-01-04 10:04:18 ----A---- C:\Windows\system32\mprapi.dll
2011-01-04 10:04:18 ----A---- C:\Windows\system32\input.dll
2011-01-04 10:04:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-04 10:04:17 ----A---- C:\Windows\system32\fc.exe
2011-01-04 10:04:16 ----A---- C:\Windows\system32\msjint40.dll
2011-01-04 10:04:16 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2011-01-04 10:04:16 ----A---- C:\Windows\system32\fdSSDP.dll
2011-01-04 10:04:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-01-04 10:04:16 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-01-04 10:04:16 ----A---- C:\Windows\system32\dmusic.dll
2011-01-04 10:04:16 ----A---- C:\Windows\system32\cscapi.dll
2011-01-04 10:04:15 ----A---- C:\Windows\system32\l2nacp.dll
2011-01-04 10:04:15 ----A---- C:\Windows\system32\ftp.exe
2011-01-04 10:04:15 ----A---- C:\Windows\system32\eapp3hst.dll
2011-01-04 10:04:15 ----A---- C:\Windows\system32\cscdll.dll
2011-01-04 10:04:14 ----A---- C:\Windows\system32\wsdchngr.dll
2011-01-04 10:04:14 ----A---- C:\Windows\system32\Storprop.dll
2011-01-04 10:04:14 ----A---- C:\Windows\system32\SMBHelperClass.dll
2011-01-04 10:04:14 ----A---- C:\Windows\system32\rasdial.exe
2011-01-04 10:04:14 ----A---- C:\Windows\system32\rasdiag.dll
2011-01-04 10:04:14 ----A---- C:\Windows\system32\bthudtask.exe
2011-01-04 10:04:14 ----A---- C:\Windows\system32\bthci.dll
2011-01-04 10:04:13 ----A---- C:\Windows\system32\ipconfig.exe
2011-01-04 10:04:13 ----A---- C:\Windows\system32\fdWCN.dll
2011-01-04 10:04:13 ----A---- C:\Windows\system32\eappcfg.dll
2011-01-04 10:04:13 ----A---- C:\Windows\system32\drivers\rassstp.sys
2011-01-04 10:04:13 ----A---- C:\Windows\system32\dot3cfg.dll
2011-01-04 10:04:13 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2011-01-04 10:04:12 ----A---- C:\Windows\system32\tscupgrd.exe
2011-01-04 10:04:12 ----A---- C:\Windows\system32\slcinst.dll
2011-01-04 10:04:12 ----A---- C:\Windows\system32\ocsetup.exe
2011-01-04 10:04:12 ----A---- C:\Windows\system32\nslookup.exe
2011-01-04 10:04:12 ----A---- C:\Windows\system32\networkitemfactory.dll
2011-01-04 10:04:12 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2011-01-04 10:04:12 ----A---- C:\Windows\system32\eappgnui.dll
2011-01-04 10:04:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-01-04 10:04:11 ----A---- C:\Windows\system32\mmcico.dll
2011-01-04 10:04:11 ----A---- C:\Windows\system32\hbaapi.dll
2011-01-04 10:04:11 ----A---- C:\Windows\system32\fdeploy.dll
2011-01-04 10:04:10 ----A---- C:\Windows\system32\PNPXAssoc.dll
2011-01-04 10:04:10 ----A---- C:\Windows\system32\drivers\nwifi.sys
2011-01-04 10:04:10 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-01-04 10:04:10 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-01-04 10:04:09 ----A---- C:\Windows\system32\gpupdate.exe
2011-01-04 10:04:09 ----A---- C:\Windows\system32\csrstub.exe
2011-01-04 10:04:09 ----A---- C:\Windows\system32\cbsra.exe
2011-01-04 10:04:08 ----A---- C:\Windows\system32\NcdProp.dll
2011-01-04 10:04:08 ----A---- C:\Windows\system32\iscsilog.dll
2011-01-04 10:04:08 ----A---- C:\Windows\system32\bitsigd.dll
2011-01-04 10:04:07 ----A---- C:\Windows\system32\vdmdbg.dll
2011-01-04 10:04:07 ----A---- C:\Windows\system32\slwga.dll
2011-01-04 10:04:07 ----A---- C:\Windows\system32\odbcconf.dll
2011-01-04 10:04:07 ----A---- C:\Windows\system32\inetppui.dll
2011-01-04 10:04:07 ----A---- C:\Windows\system32\drivers\dxg.sys
2011-01-04 10:04:07 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-01-04 10:04:06 ----A---- C:\Windows\system32\winrnr.dll
2011-01-04 10:04:06 ----A---- C:\Windows\system32\midimap.dll
2011-01-04 10:04:05 ----A---- C:\Windows\system32\drivers\stream.sys
2011-01-04 10:04:05 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2011-01-04 10:04:04 ----A---- C:\Windows\system32\drivers\bridge.sys
2011-01-04 10:04:03 ----A---- C:\Windows\system32\drivers\usb8023.sys
2011-01-04 10:04:03 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2011-01-04 10:04:02 ----A---- C:\Windows\system32\msimsg.dll
2011-01-04 10:04:02 ----A---- C:\Windows\system32\f3ahvoas.dll
2011-01-04 10:03:44 ----A---- C:\Windows\system32\SmiEngine.dll
2011-01-04 10:03:42 ----A---- C:\Windows\system32\wdscore.dll
2011-01-04 10:03:42 ----A---- C:\Windows\system32\PkgMgr.exe
2011-01-04 10:03:33 ----A---- C:\Windows\system32\drvstore.dll
2011-01-03 21:12:59 ----D---- C:\Windows\CheckSur
2011-01-03 20:25:06 ----A---- C:\Windows\system32\msfeedssync.exe
2011-01-03 20:25:06 ----A---- C:\Windows\system32\ie4uinit.exe
2011-01-03 20:25:05 ----A---- C:\Windows\system32\ieUnatt.exe
2011-01-03 20:25:04 ----A---- C:\Windows\system32\wininet.dll
2011-01-03 20:25:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-01-03 20:25:04 ----A---- C:\Windows\system32\msfeeds.dll
2011-01-03 20:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2011-01-03 20:25:03 ----A---- C:\Windows\system32\occache.dll
2011-01-03 20:25:03 ----A---- C:\Windows\system32\iesysprep.dll
2011-01-03 20:25:03 ----A---- C:\Windows\system32\iesetup.dll
2011-01-03 20:25:02 ----A---- C:\Windows\system32\urlmon.dll
2011-01-03 20:25:02 ----A---- C:\Windows\system32\iernonce.dll
2011-01-03 20:25:01 ----A---- C:\Windows\system32\ieframe.dll
2011-01-03 20:25:00 ----A---- C:\Windows\system32\iertutil.dll
2011-01-03 20:24:58 ----A---- C:\Windows\system32\mstime.dll
2011-01-03 20:24:58 ----A---- C:\Windows\system32\mshtmled.dll
2011-01-03 20:24:58 ----A---- C:\Windows\system32\licmgr10.dll
2011-01-03 20:24:58 ----A---- C:\Windows\system32\jsproxy.dll
2011-01-03 20:24:58 ----A---- C:\Windows\system32\ieui.dll
2011-01-03 20:24:58 ----A---- C:\Windows\system32\iepeers.dll
2011-01-03 20:24:57 ----A---- C:\Windows\system32\mshtml.dll
2011-01-03 20:15:50 ----A---- C:\Windows\system32\gameux.dll
2011-01-03 20:15:50 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-01-03 20:15:48 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-01-03 20:07:36 ----A---- C:\Windows\system32\win32k.sys
2011-01-03 20:07:24 ----A---- C:\Windows\system32\srvsvc.dll
2011-01-03 20:07:23 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-01-03 20:07:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-01-03 20:07:23 ----A---- C:\Windows\system32\drivers\srv.sys
2011-01-03 20:07:22 ----A---- C:\Windows\system32\netevent.dll
2011-01-03 19:15:33 ----A---- C:\Windows\system32\taskschd.dll
2011-01-03 19:15:33 ----A---- C:\Windows\system32\schedsvc.dll
2011-01-03 19:15:32 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-01-03 19:15:32 ----A---- C:\Windows\system32\taskeng.exe
2011-01-03 19:15:31 ----A---- C:\Windows\system32\taskcomp.dll
2011-01-03 19:07:53 ----A---- C:\Windows\system32\usp10.dll
2011-01-03 19:07:30 ----A---- C:\Windows\system32\spoolsv.exe
2011-01-03 18:47:38 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-01-03 18:47:38 ----A---- C:\Windows\system32\PresentationHost.exe
2011-01-03 18:47:38 ----A---- C:\Windows\system32\netfxperf.dll
2011-01-03 18:47:38 ----A---- C:\Windows\system32\mscoree.dll
2011-01-03 18:47:38 ----A---- C:\Windows\system32\dfshim.dll
2011-01-03 17:44:11 ----A---- C:\Windows\system32\wmp.dll
2011-01-03 17:44:08 ----A---- C:\Windows\system32\wmploc.DLL
2011-01-03 17:29:13 ----A---- C:\Windows\system32\mfc40.dll
2011-01-03 17:29:12 ----A---- C:\Windows\system32\mfc40u.dll
2011-01-03 17:29:11 ----A---- C:\Windows\system32\schannel.dll
2011-01-03 17:28:34 ----A---- C:\Windows\system32\rtutils.dll
2011-01-03 17:28:32 ----A---- C:\Windows\system32\wmpmde.dll
2011-01-03 17:28:31 ----A---- C:\Windows\system32\iccvid.dll
2011-01-03 17:28:28 ----A---- C:\Windows\system32\shell32.dll
2011-01-03 17:25:18 ----A---- C:\Windows\system32\ole32.dll
2011-01-03 17:24:20 ----A---- C:\Windows\system32\msshsq.dll
2011-01-03 17:22:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-01-03 17:22:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-01-03 17:20:30 ----A---- C:\Windows\system32\comctl32.dll
2011-01-03 17:20:04 ----A---- C:\Windows\system32\inetcomm.dll
2011-01-03 17:19:00 ----A---- C:\Windows\system32\fontsub.dll
2011-01-03 17:19:00 ----A---- C:\Windows\system32\atmlib.dll
2011-01-03 17:19:00 ----A---- C:\Windows\system32\atmfd.dll
2011-01-03 17:18:57 ----A---- C:\Windows\system32\MP4SDECD.DLL
2011-01-03 17:18:50 ----A---- C:\Windows\system32\consent.exe
2011-01-03 17:18:38 ----A---- C:\Windows\system32\asycfilt.dll
2011-01-03 17:18:36 ----A---- C:\Windows\system32\t2embed.dll
2011-01-03 17:17:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-01-03 17:16:39 ----A---- C:\Windows\system32\msxml3.dll
2011-01-03 17:16:15 ----A---- C:\Windows\system32\tzres.dll
2011-01-03 16:51:42 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\FreeFileViewer
2011-01-03 16:05:13 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\skypePM
2011-01-03 16:00:11 ----D---- C:\Program Files\Common Files\Skype
2011-01-03 16:00:07 ----RD---- C:\Program Files\Skype
2011-01-03 16:00:06 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Skype
2011-01-03 16:00:04 ----D---- C:\ProgramData\Skype
2011-01-03 15:37:28 ----D---- C:\Program Files\Defraggler
2011-01-03 15:18:51 ----D---- C:\Program Files\FreeFileViewer
2011-01-03 14:43:27 ----D---- C:\ProgramData\IObit
2011-01-03 14:16:37 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Malwarebytes
2011-01-03 14:16:24 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-01-03 14:16:23 ----D---- C:\ProgramData\Malwarebytes
2011-01-03 14:16:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-03 14:16:20 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-03 13:50:32 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\IObit
2011-01-03 13:50:30 ----D---- C:\Program Files\IObit
2011-01-03 13:22:44 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Yahoo!
2011-01-03 13:22:44 ----D---- C:\ProgramData\Yahoo! Companion
2011-01-03 12:47:53 ----D---- C:\PerfLogs
2011-01-03 11:55:37 ----A---- C:\Windows\system32\imagesp1.dll
2011-01-03 11:55:28 ----A---- C:\Windows\system32\sstpsvc.dll
2011-01-03 11:55:04 ----A---- C:\Windows\system32\xpssvcs.dll
2011-01-03 11:54:57 ----A---- C:\Windows\system32\spwizimg.dll
2011-01-03 11:54:57 ----A---- C:\Windows\system32\lpremove.exe
2011-01-03 11:54:57 ----A---- C:\Windows\bfsvc.exe
2011-01-03 11:54:51 ----A---- C:\Windows\system32\recdisc.exe
2011-01-03 11:54:49 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2011-01-03 11:54:42 ----A---- C:\Windows\system32\msvbvm60.dll
2011-01-03 11:54:36 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2011-01-03 11:54:34 ----A---- C:\Windows\system32\xolehlp.dll
2011-01-03 11:54:29 ----A---- C:\Windows\system32\SSShim.dll
2011-01-03 11:54:29 ----A---- C:\Windows\system32\DfsShlEx.dll
2011-01-03 11:54:28 ----A---- C:\Windows\system32\nlmgp.dll
2011-01-03 11:54:24 ----A---- C:\Windows\system32\clusapi.dll
2011-01-03 11:54:16 ----A---- C:\Windows\system32\vdsbas.dll
2011-01-03 11:54:10 ----A---- C:\Windows\system32\msdtckrm.dll
2011-01-03 11:54:09 ----A---- C:\Windows\system32\XPSSHHDR.dll
2011-01-03 11:54:08 ----A---- C:\Windows\system32\sbe.dll
2011-01-03 11:54:06 ----A---- C:\Windows\system32\sdengin2.dll
2011-01-03 11:54:05 ----A---- C:\Windows\system32\gacinstall.dll
2011-01-03 11:54:05 ----A---- C:\Windows\system32\cmipnpinstall.dll
2011-01-03 11:54:05 ----A---- C:\Windows\system32\cmicryptinstall.dll
2011-01-03 11:53:58 ----A---- C:\Windows\system32\FirewallAPI.dll
2011-01-03 11:53:57 ----A---- C:\Windows\system32\sqlceqp30.dll
2011-01-03 11:53:57 ----A---- C:\Windows\system32\lsm.exe
2011-01-03 11:53:54 ----A---- C:\Windows\system32\thumbcache.dll
2011-01-03 11:53:50 ----A---- C:\Windows\system32\authfwcfg.dll
2011-01-03 11:53:47 ----A---- C:\Windows\system32\dmvdsitf.dll
2011-01-03 11:53:44 ----A---- C:\Windows\system32\uexfat.dll
2011-01-03 11:53:42 ----A---- C:\Windows\system32\DfrgNtfs.exe
2011-01-03 11:53:41 ----A---- C:\Windows\system32\sqlcese30.dll
2011-01-03 11:53:32 ----A---- C:\Windows\system32\mssha.dll
2011-01-03 11:53:31 ----A---- C:\Windows\system32\nlasvc.dll
2011-01-03 11:53:31 ----A---- C:\Windows\system32\dfrgui.exe
2011-01-03 11:53:26 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-01-03 11:53:25 ----A---- C:\Windows\system32\ddraw.dll
2011-01-03 11:53:24 ----A---- C:\Windows\system32\objsel.dll
2011-01-03 11:53:22 ----A---- C:\Windows\system32\QAGENT.DLL
2011-01-03 11:53:22 ----A---- C:\Windows\system32\dbghelp.dll
2011-01-03 11:53:21 ----A---- C:\Windows\system32\icm32.dll
2011-01-03 11:53:21 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2011-01-03 11:53:20 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-01-03 11:53:20 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-01-03 11:53:20 ----A---- C:\Windows\system32\drivers\raspptp.sys
2011-01-03 11:53:17 ----A---- C:\Windows\system32\bcdedit.exe
2011-01-03 11:53:16 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2011-01-03 11:53:16 ----A---- C:\Windows\system32\AudioEng.dll
2011-01-03 11:53:15 ----A---- C:\Windows\system32\winsta.dll
2011-01-03 11:53:15 ----A---- C:\Windows\system32\netprofm.dll
2011-01-03 11:53:14 ----A---- C:\Windows\system32\netcfgx.dll
2011-01-03 11:53:14 ----A---- C:\Windows\system32\hcrstco.dll
2011-01-03 11:53:11 ----A---- C:\Windows\system32\lpksetup.exe
2011-01-03 11:53:11 ----A---- C:\Windows\system32\cdosys.dll
2011-01-03 11:53:10 ----A---- C:\Windows\system32\msdtcuiu.dll
2011-01-03 11:53:09 ----A---- C:\Windows\system32\mprddm.dll
2011-01-03 11:53:08 ----A---- C:\Windows\system32\eapsvc.dll
2011-01-03 11:53:08 ----A---- C:\Windows\system32\AUDIOKSE.dll
2011-01-03 11:53:07 ----A---- C:\Windows\system32\bcdsrv.dll
2011-01-03 11:53:06 ----A---- C:\Windows\system32\msidcrl30.dll
2011-01-03 11:53:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-01-03 11:53:02 ----A---- C:\Windows\system32\pla.dll
2011-01-03 11:53:01 ----A---- C:\Windows\system32\dot3gpui.dll
2011-01-03 11:52:59 ----A---- C:\Windows\system32\cryptnet.dll
2011-01-03 11:52:59 ----A---- C:\Windows\system32\comsnap.dll
2011-01-03 11:52:55 ----A---- C:\Windows\system32\synceng.dll
2011-01-03 11:52:54 ----A---- C:\Windows\system32\cmifw.dll
2011-01-03 11:52:53 ----A---- C:\Windows\system32\msconfig.exe
2011-01-03 11:52:50 ----A---- C:\Windows\system32\tdh.dll
2011-01-03 11:52:49 ----A---- C:\Windows\system32\uxtheme.dll
2011-01-03 11:52:49 ----A---- C:\Windows\system32\SessEnv.dll
2011-01-03 11:52:49 ----A---- C:\Windows\system32\dot3api.dll
2011-01-03 11:52:49 ----A---- C:\Windows\system32\dmdskmgr.dll
2011-01-03 11:52:49 ----A---- C:\Windows\system32\cmd.exe
2011-01-03 11:52:48 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-01-03 11:52:47 ----A---- C:\Windows\system32\WUDFx.dll
2011-01-03 11:52:47 ----A---- C:\Windows\system32\wlancfg.dll
2011-01-03 11:52:47 ----A---- C:\Windows\system32\loadperf.dll
2011-01-03 11:52:46 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2011-01-03 11:52:46 ----A---- C:\Windows\system32\localsec.dll
2011-01-03 11:52:46 ----A---- C:\Windows\system32\comres.dll
2011-01-03 11:52:45 ----A---- C:\Windows\system32\rstrui.exe
2011-01-03 11:52:45 ----A---- C:\Windows\system32\rdpdd.dll
2011-01-03 11:52:44 ----A---- C:\Windows\system32\wsqmcons.exe
2011-01-03 11:52:44 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-01-03 11:52:44 ----A---- C:\Windows\system32\hnetcfg.dll
2011-01-03 11:52:43 ----A---- C:\Windows\system32\WMADMOD.DLL
2011-01-03 11:52:43 ----A---- C:\Windows\system32\NAPMONTR.DLL
2011-01-03 11:52:42 ----A---- C:\Windows\system32\RDPENCDD.dll
2011-01-03 11:52:42 ----A---- C:\Windows\system32\profprov.dll
2011-01-03 11:52:42 ----A---- C:\Windows\system32\filemgmt.dll
2011-01-03 11:52:41 ----A---- C:\Windows\system32\wsecedit.dll
2011-01-03 11:52:41 ----A---- C:\Windows\system32\tracerpt.exe
2011-01-03 11:52:41 ----A---- C:\Windows\system32\MuiUnattend.exe
2011-01-03 11:52:40 ----A---- C:\Windows\system32\dwmredir.dll
2011-01-03 11:52:39 ----A---- C:\Windows\system32\wininit.exe
2011-01-03 11:52:38 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-01-03 11:52:37 ----A---- C:\Windows\system32\azroleui.dll
2011-01-03 11:52:36 ----A---- C:\Windows\system32\mcbuilder.exe
2011-01-03 11:52:36 ----A---- C:\Windows\system32\iashost.exe
2011-01-03 11:52:36 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-01-03 11:52:36 ----A---- C:\Windows\HelpPane.exe
2011-01-03 11:52:35 ----A---- C:\Windows\system32\srrstr.dll
2011-01-03 11:52:35 ----A---- C:\Windows\system32\spwizeng.dll
2011-01-03 11:52:34 ----A---- C:\Windows\system32\lltdsvc.dll
2011-01-03 11:52:33 ----A---- C:\Windows\system32\unbcl.dll
2011-01-03 11:52:33 ----A---- C:\Windows\system32\shrink.dll
2011-01-03 11:52:33 ----A---- C:\Windows\system32\msra.exe
2011-01-03 11:52:32 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-01-03 11:52:31 ----A---- C:\Windows\system32\msdri.dll
2011-01-03 11:52:29 ----A---- C:\Windows\system32\framedynos.dll
2011-01-03 11:52:27 ----A---- C:\Windows\system32\vsstrace.dll
2011-01-03 11:52:27 ----A---- C:\Windows\system32\ntvdm.exe
2011-01-03 11:52:26 ----A---- C:\Windows\system32\ntlanman.dll
2011-01-03 11:52:25 ----A---- C:\Windows\system32\netman.dll
2011-01-03 11:52:25 ----A---- C:\Windows\system32\framedyn.dll
2011-01-03 11:52:25 ----A---- C:\Windows\system32\dssenh.dll
2011-01-03 11:52:25 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2011-01-03 11:52:24 ----A---- C:\Windows\system32\WlanMM.dll
2011-01-03 11:52:24 ----A---- C:\Windows\system32\adsnt.dll
2011-01-03 11:52:23 ----A---- C:\Windows\system32\WUDFHost.exe
2011-01-03 11:52:23 ----A---- C:\Windows\system32\WLanConn.dll
2011-01-03 11:52:23 ----A---- C:\Windows\system32\sxs.dll
2011-01-03 11:52:23 ----A---- C:\Windows\system32\ncsi.dll
2011-01-03 11:52:23 ----A---- C:\Windows\system32\KMSVC.DLL
2011-01-03 11:52:23 ----A---- C:\Windows\system32\IPBusEnum.dll
2011-01-03 11:52:23 ----A---- C:\Windows\system32\drivers\scsiport.sys
2011-01-03 11:52:22 ----A---- C:\Windows\system32\VAN.dll
2011-01-03 11:52:22 ----A---- C:\Windows\system32\umb.dll
2011-01-03 11:52:20 ----A---- C:\Windows\system32\catsrvut.dll
2011-01-03 11:52:19 ----A---- C:\Windows\system32\puiobj.dll
2011-01-03 11:52:19 ----A---- C:\Windows\system32\netid.dll
2011-01-03 11:52:19 ----A---- C:\Windows\system32\dps.dll
2011-01-03 11:52:18 ----A---- C:\Windows\system32\MdSched.exe
2011-01-03 11:52:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-01-03 11:52:17 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2011-01-03 11:52:16 ----A---- C:\Windows\system32\ws2_32.dll
2011-01-03 11:52:16 ----A---- C:\Windows\system32\spbcd.dll
2011-01-03 11:52:16 ----A---- C:\Windows\system32\odbcjt32.dll
2011-01-03 11:52:16 ----A---- C:\Windows\system32\ntdsapi.dll
2011-01-03 11:52:16 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-01-03 11:52:15 ----A---- C:\Windows\system32\NAPSTAT.EXE
2011-01-03 11:52:14 ----A---- C:\Windows\system32\drivers\intelppm.sys
2011-01-03 11:52:14 ----A---- C:\Windows\system32\drivers\fileinfo.sys
2011-01-03 11:52:12 ----A---- C:\Windows\system32\schtasks.exe
2011-01-03 11:52:12 ----A---- C:\Windows\system32\dmdlgs.dll
2011-01-03 11:52:11 ----A---- C:\Windows\system32\netdiagfx.dll
2011-01-03 11:52:11 ----A---- C:\Windows\system32\dhcpsapi.dll
2011-01-03 11:52:11 ----A---- C:\Windows\system32\catsrv.dll
2011-01-03 11:52:11 ----A---- C:\Windows\system32\activeds.dll
2011-01-03 11:52:08 ----A---- C:\Windows\system32\TSpkg.dll
2011-01-03 11:52:08 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2011-01-03 11:52:08 ----A---- C:\Windows\system32\dfrgfat.exe
2011-01-03 11:52:07 ----A---- C:\Windows\system32\wvc.dll
2011-01-03 11:52:07 ----A---- C:\Windows\system32\qwave.dll
2011-01-03 11:52:05 ----A---- C:\Windows\system32\netcorehc.dll
2011-01-03 11:52:05 ----A---- C:\Windows\system32\NAPHLPR.DLL
2011-01-03 11:52:05 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-01-03 11:52:05 ----A---- C:\Windows\system32\msacm32.dll
2011-01-03 11:52:04 ----A---- C:\Windows\system32\drivers\battc.sys
2011-01-03 11:52:04 ----A---- C:\Windows\system32\adsldp.dll
2011-01-03 11:52:02 ----A---- C:\Windows\system32\ntshrui.dll
2011-01-03 11:52:02 ----A---- C:\Windows\system32\msdt.dll
2011-01-03 11:52:02 ----A---- C:\Windows\system32\els.dll
2011-01-03 11:52:02 ----A---- C:\Windows\system32\clbcatq.dll
2011-01-03 11:52:01 ----A---- C:\Windows\system32\QUTIL.DLL
2011-01-03 11:52:00 ----A---- C:\Windows\system32\sdrsvc.dll
2011-01-03 11:52:00 ----A---- C:\Windows\system32\net1.exe
2011-01-03 11:52:00 ----A---- C:\Windows\system32\ipnathlp.dll
2011-01-03 11:51:58 ----A---- C:\Windows\system32\nci.dll
2011-01-03 11:51:58 ----A---- C:\Windows\system32\mprmsg.dll
2011-01-02 12:41:00 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2011-01-02 12:40:59 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2011-01-02 12:40:59 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2011-01-02 12:40:58 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2011-01-02 12:40:57 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2011-01-02 12:40:56 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2011-01-02 12:40:56 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2011-01-02 12:40:54 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2011-01-02 12:40:54 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2011-01-02 12:40:53 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2011-01-02 12:40:53 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2011-01-02 12:40:53 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2011-01-02 12:40:52 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2011-01-02 12:40:52 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2011-01-02 12:40:51 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2011-01-02 12:40:50 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2011-01-02 12:40:49 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2011-01-02 12:40:48 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2011-01-02 12:40:48 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2011-01-02 12:40:47 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2011-01-02 12:40:47 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2011-01-02 12:40:47 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2011-01-02 12:40:46 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2011-01-02 12:40:45 ----A---- C:\Windows\system32\NlsModels0011.dll
2011-01-02 12:40:45 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2011-01-02 12:40:44 ----A---- C:\Windows\system32\NlsData0046.dll
2011-01-02 12:40:44 ----A---- C:\Windows\system32\NlsData0045.dll
2011-01-02 12:40:43 ----A---- C:\Windows\system32\NlsData0049.dll
2011-01-02 12:40:43 ----A---- C:\Windows\system32\NlsData0047.dll
2011-01-02 12:40:43 ----A---- C:\Windows\system32\NlsData0039.dll
2011-01-02 12:40:42 ----A---- C:\Windows\system32\NlsData0020.dll
2011-01-02 12:40:41 ----A---- C:\Windows\system32\NlsData0024.dll
2011-01-02 12:40:41 ----A---- C:\Windows\system32\NlsData0022.dll
2011-01-02 12:40:41 ----A---- C:\Windows\system32\NlsData0021.dll
2011-01-02 12:40:40 ----A---- C:\Windows\system32\NlsData0027.dll
2011-01-02 12:40:40 ----A---- C:\Windows\system32\NlsData0026.dll
2011-01-02 12:40:39 ----A---- C:\Windows\system32\NlsData0011.dll
2011-01-02 12:40:39 ----A---- C:\Windows\system32\NlsData0010.dll
2011-01-02 12:40:38 ----A---- C:\Windows\system32\NlsData0018.dll
2011-01-02 12:40:38 ----A---- C:\Windows\system32\NlsData0013.dll
2011-01-02 12:40:38 ----A---- C:\Windows\system32\NlsData0000.dll
2011-01-02 12:40:37 ----A---- C:\Windows\system32\NlsData0019.dll
2011-01-02 12:40:37 ----A---- C:\Windows\system32\NlsData0001.dll
2011-01-02 12:40:36 ----A---- C:\Windows\system32\NlsData0007.dll
2011-01-02 12:40:36 ----A---- C:\Windows\system32\NlsData0003.dll
2011-01-02 12:40:36 ----A---- C:\Windows\system32\NlsData0002.dll
2011-01-02 12:40:35 ----A---- C:\Windows\system32\NlsData004a.dll
2011-01-02 12:40:35 ----A---- C:\Windows\system32\NlsData0009.dll
2011-01-02 12:40:34 ----A---- C:\Windows\system32\NlsData004c.dll
2011-01-02 12:40:34 ----A---- C:\Windows\system32\NlsData004b.dll
2011-01-02 12:40:33 ----A---- C:\Windows\system32\NlsData004e.dll
2011-01-02 12:40:33 ----A---- C:\Windows\system32\NlsData003e.dll
2011-01-02 12:40:33 ----A---- C:\Windows\system32\NlsData002a.dll
2011-01-02 12:40:32 ----A---- C:\Windows\system32\NlsData001b.dll
2011-01-02 12:40:32 ----A---- C:\Windows\system32\NlsData001a.dll
2011-01-02 12:40:30 ----A---- C:\Windows\system32\NlsData001d.dll
2011-01-02 12:40:29 ----A---- C:\Windows\system32\NlsData000c.dll
2011-01-02 12:40:29 ----A---- C:\Windows\system32\NlsData000a.dll
2011-01-02 12:40:28 ----A---- C:\Windows\system32\NlsData000f.dll
2011-01-02 12:40:28 ----A---- C:\Windows\system32\NlsData000d.dll
2011-01-02 12:40:26 ----A---- C:\Windows\system32\NlsData0414.dll
2011-01-02 12:40:25 ----A---- C:\Windows\system32\NlsData0416.dll
2011-01-02 12:40:24 ----A---- C:\Windows\system32\NlsData081a.dll
2011-01-02 12:40:24 ----A---- C:\Windows\system32\NlsData0816.dll
2011-01-02 12:40:23 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2011-01-02 12:40:23 ----A---- C:\Windows\system32\NlsData0c1a.dll
2011-01-02 09:51:47 ----A---- C:\Windows\system32\kerberos.dll
2011-01-02 09:49:56 ----A---- C:\Windows\system32\kbd106n.dll
2011-01-01 22:30:43 ----A---- C:\Windows\system32\drivers\mod7700.sys
2011-01-01 22:30:43 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2011-01-01 22:30:43 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2011-01-01 22:30:43 ----A---- C:\Windows\system32\drivers\ewusbfake.sys
2011-01-01 22:30:43 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2011-01-01 22:30:01 ----D---- C:\Program Files\Mobile Partner
2011-01-01 22:27:51 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Adobe
2011-01-01 22:27:33 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Identities
2011-01-01 22:25:23 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Sony Corporation
2011-01-01 22:25:19 ----SD---- C:\Users\UniversalMessenger\AppData\Roaming\Microsoft
2011-01-01 22:25:19 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Media Center Programs
2011-01-01 21:08:44 ----D---- C:\Program Files\X1 Desktop Search Installer
2011-01-01 21:07:08 ----A---- C:\Windows\system32\TCPSVCS.EXE
2011-01-01 21:07:08 ----A---- C:\Windows\system32\MRINFO.EXE
2011-01-01 21:07:08 ----A---- C:\Windows\system32\HOSTNAME.EXE
2011-01-01 21:07:07 ----A---- C:\Windows\system32\ROUTE.EXE
2011-01-01 21:07:07 ----A---- C:\Windows\system32\NETSTAT.EXE
2011-01-01 21:07:07 ----A---- C:\Windows\system32\netiohlp.dll
2011-01-01 21:07:07 ----A---- C:\Windows\system32\finger.exe
2011-01-01 21:07:07 ----A---- C:\Windows\system32\ARP.EXE
2011-01-01 21:06:19 ----A---- C:\Windows\system32\mf.dll
2011-01-01 21:06:18 ----A---- C:\Windows\system32\rrinstaller.exe
2011-01-01 21:06:18 ----A---- C:\Windows\system32\mfps.dll
2011-01-01 21:06:18 ----A---- C:\Windows\system32\mfpmp.exe
2011-01-01 21:06:18 ----A---- C:\Windows\system32\mferror.dll
2011-01-01 21:06:17 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-01-01 21:05:37 ----A---- C:\Windows\system32\tsgqec.dll
2011-01-01 21:05:37 ----A---- C:\Windows\system32\mstscax.dll
2011-01-01 21:05:37 ----A---- C:\Windows\system32\aaclient.dll
2011-01-01 21:03:44 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-01-01 21:03:44 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-01-01 21:03:44 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-01-01 21:03:43 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
2011-01-01 21:02:54 ----A---- C:\Windows\system32\wshrm.dll
2011-01-01 21:02:23 ----A---- C:\Windows\system32\wmpdxm.dll
2011-01-01 21:02:18 ----A---- C:\Windows\system32\spwmp.dll
2011-01-01 21:02:17 ----A---- C:\Windows\system32\dxmasf.dll
2011-01-01 20:59:21 ----A---- C:\Windows\system32\msvidc32.dll
2011-01-01 20:59:21 ----A---- C:\Windows\system32\msvfw32.dll
2011-01-01 20:59:21 ----A---- C:\Windows\system32\msrle32.dll
2011-01-01 20:59:21 ----A---- C:\Windows\system32\mciavi32.dll
2011-01-01 20:59:21 ----A---- C:\Windows\system32\avifil32.dll
2011-01-01 20:59:21 ----A---- C:\Windows\system32\avicap32.dll
2011-01-01 20:59:17 ----A---- C:\Windows\system32\quartz.dll
2011-01-01 20:59:13 ----A---- C:\Windows\system32\tsbyuv.dll
2011-01-01 20:59:13 ----A---- C:\Windows\system32\msyuv.dll
2011-01-01 20:59:13 ----A---- C:\Windows\system32\iyuv_32.dll
2011-01-01 20:56:51 ----D---- C:\Program Files\Common Files\InterVideo
2011-01-01 20:55:57 ----D---- C:\Program Files\InterVideo
2011-01-01 20:54:02 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-01-01 20:54:01 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-01-01 20:54:01 ----A---- C:\Windows\system32\d3dx10.dll
2011-01-01 20:53:59 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-01-01 20:53:59 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-01-01 20:53:59 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-01-01 20:53:58 ----A---- C:\Windows\system32\xinput1_3.dll
2011-01-01 20:53:57 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-01-01 20:53:56 ----A---- C:\Windows\system32\xinput1_2.dll
2011-01-01 20:53:56 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-01-01 20:53:55 ----A---- C:\Windows\system32\xinput1_1.dll
2011-01-01 20:53:55 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-01-01 20:53:54 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-01-01 20:53:44 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-01-01 20:53:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-01-01 20:53:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-01-01 20:53:41 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-01-01 20:53:39 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-01-01 20:53:38 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-01-01 20:53:37 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-01-01 20:53:35 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-01-01 20:53:33 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-01-01 20:33:48 ----D---- C:\Windows\system32\Spiderman 3 dir
2011-01-01 20:28:29 ----A---- C:\Windows\system32\CDDBUISony.dll
2011-01-01 20:28:29 ----A---- C:\Windows\system32\CddbPlaylist2Sony.dll
2011-01-01 20:28:29 ----A---- C:\Windows\system32\CddbMusicIDSony.dll
2011-01-01 20:28:29 ----A---- C:\Windows\system32\CddbLinkSony.dll
2011-01-01 20:28:29 ----A---- C:\Windows\system32\CDDBControlSony.dll
2011-01-01 20:24:48 ----D---- C:\ProgramData\Sonic
2011-01-01 20:19:01 ----A---- C:\Windows\system32\lpk.dll
2011-01-01 20:19:01 ----A---- C:\Windows\system32\dciman32.dll
2011-01-01 20:18:47 ----D---- C:\ProgramData\Corel
2011-01-01 20:18:39 ----A---- C:\Windows\system32\winipsec.dll
2011-01-01 20:18:38 ----A---- C:\Windows\system32\polstore.dll
2011-01-01 20:18:06 ----A---- C:\ProgramData\pswi_preloaded.exe
2011-01-01 20:17:27 ----A---- C:\Windows\system32\msxml6.dll
2011-01-01 20:17:26 ----A---- C:\Windows\system32\msxml3r.dll
2011-01-01 20:17:25 ----A---- C:\Windows\system32\msxml6r.dll
2011-01-01 20:17:01 ----A---- C:\Windows\system32\wdigest.dll
2011-01-01 20:17:01 ----A---- C:\Windows\system32\secur32.dll
2011-01-01 20:17:01 ----A---- C:\Windows\system32\msv1_0.dll
2011-01-01 20:17:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-01-01 20:17:00 ----A---- C:\Windows\system32\lsass.exe
2011-01-01 20:17:00 ----A---- C:\Windows\system32\lsasrv.dll
2011-01-01 20:16:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-01-01 20:16:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-01-01 20:16:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-01-01 20:15:12 ----A---- C:\Windows\system32\msonpmon.dll
2011-01-01 20:14:31 ----A---- C:\Windows\system32\atl.dll
2011-01-01 20:13:35 ----A---- C:\Windows\system32\wkssvc.dll
2011-01-01 20:12:25 ----D---- C:\ProgramData\Microsoft Help
2011-01-01 20:11:20 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-01-01 20:11:12 ----A---- C:\Windows\system32\localspl.dll
2011-01-01 20:08:53 ----A---- C:\Windows\system32\browserchoice.exe
2011-01-01 20:08:35 ----A---- C:\Windows\system32\printcom.dll
2011-01-01 20:07:12 ----A---- C:\Windows\system32\INETRES.dll
2011-01-01 20:07:03 ----A---- C:\Windows\system32\msasn1.dll
2011-01-01 20:06:44 ----A---- C:\Windows\system32\rpcrt4.dll
2011-01-01 20:06:15 ----A---- C:\Windows\system32\nshhttp.dll
2011-01-01 20:06:15 ----A---- C:\Windows\system32\httpapi.dll
2011-01-01 20:06:15 ----A---- C:\Windows\system32\drivers\http.sys
2011-01-01 20:05:04 ----A---- C:\Windows\system32\rastls.dll
2011-01-01 20:04:57 ----A---- C:\Windows\system32\WSDApi.dll
2011-01-01 20:02:02 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-01-01 20:00:07 ----A---- C:\Windows\system32\capicom.dll
2011-01-01 20:00:00 ----D---- C:\ProgramData\Symantec
2011-01-01 19:59:47 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-01-01 19:58:06 ----D---- C:\Program Files\Microsoft Office
2011-01-01 19:56:55 ----D---- C:\Program Files\Microsoft Works
2011-01-01 19:54:49 ----D---- C:\Windows\Downloaded Installations
2011-01-01 19:53:40 ----HD---- C:\InstantON
2011-01-01 19:49:24 ----D---- C:\Program Files\Sony Picture Games
2011-01-01 19:42:08 ----D---- C:\ProgramData\FLEXnet
2011-01-01 19:41:18 ----RA---- C:\Windows\system32\AdobePDF.dll
2011-01-01 19:37:07 ----D---- C:\Program Files\Common Files\supportsoft
2011-01-01 19:37:06 ----A---- C:\Windows\system32\cdintf251.dll
2011-01-01 19:35:03 ----D---- C:\ProgramData\Intuit
2011-01-01 19:35:03 ----D---- C:\Program Files\Intuit
2011-01-01 19:35:03 ----D---- C:\Program Files\Common Files\Intuit
2011-01-01 19:34:52 ----D---- C:\ProgramData\COMMON FILES
2011-01-01 19:32:47 ----D---- C:\Windows\system32\URTTEMP
2011-01-01 19:30:05 ----D---- C:\Program Files\Common Files\AOL
2011-01-01 19:30:05 ----D---- C:\Program Files\AOL
2011-01-01 19:29:50 ----D---- C:\Program Files\Online Services
2011-01-01 19:23:29 ----D---- C:\Windows\SoftwareDistribution
2011-01-01 19:19:33 ----ASH---- C:\hiberfil.sys
2011-01-01 19:19:31 ----SHD---- C:\System Volume Information
2011-01-01 19:19:31 ----ASH---- C:\pagefile.sys
2011-01-01 16:57:01 ----D---- C:\ProgramData\Sun
2011-01-01 16:56:05 ----A---- C:\Windows\system32\javaws.exe
2011-01-01 16:56:05 ----A---- C:\Windows\system32\javaw.exe
2011-01-01 16:56:05 ----A---- C:\Windows\system32\java.exe
2011-01-01 16:56:05 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-01 16:50:20 ----D---- C:\Windows\Intuit
2011-01-01 16:26:40 ----D---- C:\ProgramData\Yahoo!
2011-01-01 15:56:52 ----N---- C:\Windows\system32\MpSigStub.exe
2011-01-01 15:39:54 ----D---- C:\Program Files\Yahoo!
2011-01-01 15:33:43 ----D---- C:\Program Files\CCleaner
2011-01-01 15:22:25 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Goodsol
2011-01-01 15:21:59 ----D---- C:\Program Files\Most Popular Solitaire
2011-01-01 14:27:34 ----A---- C:\Windows\system32\wintrust.dll
2011-01-01 14:27:28 ----A---- C:\Windows\system32\cabview.dll
2011-01-01 13:52:51 ----D---- C:\Users\UniversalMessenger\AppData\Roaming\Macromedia
2011-01-01 13:52:40 ----A---- C:\Windows\system32\wucltux.dll
2011-01-01 13:52:39 ----A---- C:\Windows\system32\wups2.dll
2011-01-01 13:52:39 ----A---- C:\Windows\system32\wuaueng.dll
2011-01-01 13:52:39 ----A---- C:\Windows\system32\wuauclt.exe
2011-01-01 13:52:17 ----A---- C:\Windows\system32\wups.dll
2011-01-01 13:52:17 ----A---- C:\Windows\system32\wudriver.dll
2011-01-01 13:52:17 ----A---- C:\Windows\system32\wuapi.dll
2011-01-01 13:51:59 ----A---- C:\Windows\system32\wuwebv.dll
2011-01-01 13:51:59 ----A---- C:\Windows\system32\wuapp.exe
2011-01-01 13:47:56 ----D---- C:\Program Files\Microsoft Security Client

======List of files/folders modified in the last 1 months======

2011-01-08 14:17:15 ----D---- C:\Windows\Prefetch
2011-01-08 14:16:54 ----D---- C:\Windows\Temp
2011-01-08 14:16:52 ----RD---- C:\Program Files
2011-01-08 11:01:22 ----D---- C:\Windows\System32
2011-01-08 11:01:22 ----D---- C:\Windows\inf
2011-01-08 11:01:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-07 21:26:32 ----D---- C:\Windows
2011-01-07 19:22:22 ----D---- C:\Windows\rescache
2011-01-07 19:06:49 ----D---- C:\Windows\system32\Tasks
2011-01-07 19:03:22 ----D---- C:\Windows\system32\en-US
2011-01-07 19:03:21 ----D---- C:\Windows\system32\drivers\en-US
2011-01-07 19:03:20 ----D---- C:\Windows\system32\wbem
2011-01-07 19:03:20 ----D---- C:\Windows\system32\drivers
2011-01-07 19:03:18 ----D---- C:\Windows\system32\pt-BR
2011-01-07 19:03:18 ----D---- C:\Windows\system32\it-IT
2011-01-07 19:03:18 ----D---- C:\Windows\system32\bg-BG
2011-01-07 19:03:17 ----D---- C:\Windows\system32\zh-TW
2011-01-07 19:03:17 ----D---- C:\Windows\system32\zh-HK
2011-01-07 19:03:17 ----D---- C:\Windows\system32\zh-CN
2011-01-07 19:03:17 ----D---- C:\Windows\system32\uk-UA
2011-01-07 19:03:17 ----D---- C:\Windows\system32\tr-TR
2011-01-07 19:03:17 ----D---- C:\Windows\system32\th-TH
2011-01-07 19:03:17 ----D---- C:\Windows\system32\sv-SE
2011-01-07 19:03:17 ----D---- C:\Windows\system32\sr-Latn-CS
2011-01-07 19:03:17 ----D---- C:\Windows\system32\sl-SI
2011-01-07 19:03:17 ----D---- C:\Windows\system32\sk-SK
2011-01-07 19:03:17 ----D---- C:\Windows\system32\ru-RU
2011-01-07 19:03:17 ----D---- C:\Windows\system32\ro-RO
2011-01-07 19:03:17 ----D---- C:\Windows\system32\pt-PT
2011-01-07 19:03:17 ----D---- C:\Windows\system32\pl-PL
2011-01-07 19:03:17 ----D---- C:\Windows\system32\nl-NL
2011-01-07 19:03:17 ----D---- C:\Windows\system32\nb-NO
2011-01-07 19:03:17 ----D---- C:\Windows\system32\lv-LV
2011-01-07 19:03:17 ----D---- C:\Windows\system32\lt-LT
2011-01-07 19:03:17 ----D---- C:\Windows\system32\ko-KR
2011-01-07 19:03:17 ----D---- C:\Windows\system32\ja-JP
2011-01-07 19:03:17 ----D---- C:\Windows\system32\hu-HU
2011-01-07 19:03:17 ----D---- C:\Windows\system32\hr-HR
2011-01-07 19:03:17 ----D---- C:\Windows\system32\he-IL
2011-01-07 19:03:17 ----D---- C:\Windows\system32\fr-FR
2011-01-07 19:03:17 ----D---- C:\Windows\system32\fi-FI
2011-01-07 19:03:17 ----D---- C:\Windows\system32\et-EE
2011-01-07 19:03:17 ----D---- C:\Windows\system32\es-ES
2011-01-07 19:03:17 ----D---- C:\Windows\system32\el-GR
2011-01-07 19:03:17 ----D---- C:\Windows\system32\de-DE
2011-01-07 19:03:17 ----D---- C:\Windows\system32\da-DK
2011-01-07 19:03:17 ----D---- C:\Windows\system32\cs-CZ
2011-01-07 19:03:17 ----D---- C:\Windows\system32\ar-SA
2011-01-07 19:03:07 ----D---- C:\Windows\system32\drivers\UMDF
2011-01-07 19:01:10 ----SHD---- C:\Windows\Installer
2011-01-07 19:01:10 ----D---- C:\Program Files\Common Files\microsoft shared
2011-01-07 18:54:45 ----SD---- C:\ProgramData\Microsoft
2011-01-07 18:52:41 ----RSD---- C:\Windows\Fonts
2011-01-07 18:49:23 ----D---- C:\Windows\winsxs
2011-01-07 18:43:32 ----D---- C:\Windows\system32\catroot
2011-01-07 18:42:52 ----D---- C:\Windows\system32\catroot2
2011-01-07 12:52:47 ----HD---- C:\ProgramData
2011-01-07 12:37:06 ----D---- C:\Program Files\Common Files
2011-01-07 11:24:56 ----D---- C:\Windows\Logs
2011-01-06 21:45:58 ----D---- C:\Windows\Microsoft.NET
2011-01-06 21:45:36 ----RSD---- C:\Windows\assembly
2011-01-06 21:25:35 ----D---- C:\Program Files\Internet Explorer
2011-01-06 21:24:17 ----D---- C:\Windows\PolicyDefinitions
2011-01-06 10:13:14 ----D---- C:\Windows\Tasks
2011-01-04 11:02:36 ----D---- C:\Windows\Debug
2011-01-04 10:40:02 ----SHD---- C:\Boot
2011-01-04 10:32:19 ----D---- C:\Program Files\Windows Mail
2011-01-04 10:32:19 ----D---- C:\Program Files\Windows Calendar
2011-01-04 10:32:19 ----D---- C:\Program Files\Movie Maker
2011-01-04 10:32:18 ----D---- C:\Program Files\Windows Sidebar
2011-01-04 10:32:18 ----D---- C:\Program Files\Windows Media Player
2011-01-04 10:32:18 ----D---- C:\Program Files\Windows Journal
2011-01-04 10:32:18 ----D---- C:\Program Files\Windows Collaboration
2011-01-04 10:32:17 ----D---- C:\Program Files\Windows Photo Gallery
2011-01-04 10:32:17 ----D---- C:\Program Files\Common Files\System
2011-01-04 10:32:16 ----D---- C:\Windows\servicing
2011-01-04 10:32:16 ----D---- C:\Windows\ehome
2011-01-04 10:32:16 ----D---- C:\Program Files\Windows Defender
2011-01-04 10:32:11 ----D---- C:\Windows\system32\XPSViewer
2011-01-04 10:32:11 ----D---- C:\Windows\IME
2011-01-04 10:32:06 ----D---- C:\Windows\system32\oobe
2011-01-04 10:32:06 ----D---- C:\Windows\system32\migration
2011-01-04 10:32:05 ----D---- C:\Windows\system32\SLUI
2011-01-04 10:32:05 ----D---- C:\Windows\system32\setup
2011-01-04 10:32:05 ----D---- C:\Windows\system32\AdvancedInstallers
2011-01-04 10:32:04 ----D---- C:\Windows\system32\manifeststore
2011-01-04 10:32:04 ----D---- C:\Windows\system32\en
2011-01-04 10:32:02 ----D---- C:\Windows\system32\migwiz
2011-01-04 10:31:44 ----D---- C:\Windows\AppPatch
2011-01-04 10:31:29 ----D---- C:\Windows\system32\Boot
2011-01-04 10:22:51 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2011-01-03 12:59:06 ----ASH---- C:\Program Files\desktop.ini
2011-01-03 12:49:14 ----D---- C:\Windows\MSAgent
2011-01-03 12:49:12 ----D---- C:\Windows\L2Schemas
2011-01-03 12:49:12 ----D---- C:\Windows\DigitalLocker
2011-01-03 12:49:10 ----D---- C:\Windows\system32\com
2011-01-03 12:48:59 ----D---- C:\Windows\system32\sysprep
2011-01-03 12:48:55 ----D---- C:\Windows\system32\ias
2011-01-03 12:47:55 ----D---- C:\Windows\Boot
2011-01-03 12:16:09 ----A---- C:\Windows\system32\ifxcardm.dll
2011-01-03 12:16:06 ----A---- C:\Windows\system32\axaltocm.dll
2011-01-03 09:13:57 ----D---- C:\Windows\ShellNew
2011-01-03 08:53:33 ----D---- C:\Program Files\Microsoft SQL Server
2011-01-03 08:51:13 ----D---- C:\Windows\Registration
2011-01-02 22:57:18 ----D---- C:\Windows\system32\ras
2011-01-02 22:57:18 ----D---- C:\Windows\system32\icsxml
2011-01-02 13:41:57 ----D---- C:\Program Files\Common Files\Sony Shared
2011-01-02 13:41:55 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-02 13:41:54 ----D---- C:\ProgramData\Sony Corporation
2011-01-02 13:40:00 ----D---- C:\Program Files\Sony
2011-01-01 22:32:39 ----D---- C:\Windows\ModemLogs
2011-01-01 22:27:43 ----SHD---- C:\$Recycle.Bin
2011-01-01 22:18:21 ----D---- C:\Windows\PANTHER
2011-01-01 20:45:50 ----A---- C:\Windows\system32\omginstlog.txt
2011-01-01 20:26:57 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-01 20:25:49 ----D---- C:\Windows\system32\WDI
2011-01-01 19:30:18 ----D---- C:\Windows\system32\restore
2011-01-01 16:57:00 ----D---- C:\Program Files\Common Files\Java
2011-01-01 16:55:34 ----D---- C:\Program Files\Java
2011-01-01 14:53:14 ----RD---- C:\Users
2011-01-01 14:52:37 ----D---- C:\ProgramData\Napster
2011-01-01 14:34:50 ----D---- C:\ProgramData\Adobe
2011-01-01 14:34:50 ----D---- C:\Program Files\Common Files\Adobe
2011-01-01 14:34:50 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-28 277784]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-15 43528]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2006-10-18 10216]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-01-03 11032]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-11-13 140800]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-24 1669632]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-03-15 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-03-15 43904]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2007-02-01 27520]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\Windows\system32\DRIVERS\SonyImgF.sys [2007-03-19 30976]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-03-19 323584]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-02-08 807424]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-02-08 195584]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S1 Cdr4_xp;Cdr4_xp; C:\Windows\system32\drivers\Cdr4_xp.sys []
S1 Cdralw2k;Cdralw2k; C:\Windows\system32\drivers\Cdralw2k.sys []
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-03-02 124256]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2010-12-21 987704]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2010-12-21 399416]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-02-13 182392]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-14 386560]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 ICScsiSV;Image Converter SCSI Service; C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe [2007-01-26 75952]
S3 IcVzMonLauncher;IcVzMonLauncher; C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe [2007-01-26 67760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\Image Converter 3\IcVzMon.exe [2007-01-26 43184]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2011-01-08 14:17:41

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Alps Pointing-device for VAIO-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Click to DVD 2.0.05 Menu Data-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x9 -removeonly
Click to DVD 2.6.00-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x9 -removeonly
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x9 -removeonly
DSD Playback Plug-in-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}\setup.exe" -l0x9 -removeonly
Free File Viewer 2010-->"C:\Program Files\FreeFileViewer\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Image Converter 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AFB6AFBA-88B1-48A7-AF52-BA59BA5F183B}\setup.exe" -l0x9 /CONPANE -removeonly
Instant Mode-->C:\Program Files\InstallShield Installation Information\{E6707034-D7A4-49B1-94D0-F5AACE46F06C}\setup.exe -runfromtemp -l0x0009 -removeonly
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
IObit Security 360-->"C:\Program Files\IObit\IObit Security 360\unins000.exe"
Java™ 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
Java™ SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware-->MsiExec.exe /X{774088D4-0777-4D78-904D-E435B318F5D2}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /I{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mobile Partner-->C:\Program Files\Mobile Partner\uninst.exe
Most Popular Solitaire Version 2.03-->"C:\Program Files\Most Popular Solitaire\unins000.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
OpenMG Limited Patch 4.7-07-13-24-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-13-24-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
QuickBooks Product Listing Service-->MsiExec.exe /I{91208A47-5D08-4C79-986F-1931940F51BB}
Secunia PSI (2.0.0.1003)-->"C:\Program Files\Secunia\PSI\uninstall.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59452470-A902-477F-9338-9B88101681BD}\SETUP.exe" -l0x9 UNINSTALL -removeonly
Simple Start Entice-->MsiExec.exe /I{337CBC16-F6F3-411A-9A3F-DB21C57BFDFD}
Skype Toolbars-->MsiExec.exe /I{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\SETUP.exe" -l0x9 -removeonly
Sony Video Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\SETUP.exe" -l0x9 -removeonly
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
SupportSoft Assisted Service-->MsiExec.exe /I{5A3F6A80-7913-475E-8B96-477A952CFA43}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VAIO AV Mode Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{428A6DA3-FD56-44AE-B602-15DCCD6A7515}\SETUP.exe" -l0x9 -removeonly
VAIO Camera Capture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\SETUP.exe" -l0x9 -removeonly
VAIO Camera Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1417F599-1DBD-4499-9375-B2813E9F890C}\SETUP.exe" -l0x9 -removeonly
VAIO Central-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E993095-28F2-4060-9101-99C1FD1195C0}\SETUP.exe" -l0x9 -removeonly
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\SETUP.exe" -l0x9 -removeonly
VAIO Help And Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D716354-2C08-48DC-9AC5-957348048817}\SETUP.exe" -l0x9 -removeonly
VAIO OOBE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B500D37-E7CF-480B-8054-8A563594EC4E}\SETUP.exe" -l0x9 -removeonly
VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\SETUP.exe" -l0x9 UNINSTALL -removeonly
VAIO Productivity Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BABC878D-BB64-4688-9A88-1D9E88F339A9}\setup.exe" -l0x9 -removeonly
VAIO Security Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}\setup.exe" -l0x9 -removeonly
VAIO Update 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\SETUP.exe" -l0x9 -removeonly
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
WinDVD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x9 -removeonly
Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AS: Windows Defender (disabled)
AS: SUPERAntiSpyware

======System event log======

Computer Name: UniversalMes-PC
Event Code: 4386
Message: Windows Servicing required reboot to complete the process of changing update 948610-790_neutral_LDR from package KB948610(Update) into Staging(Staging) state
Record Number: 26837
Source Name: Microsoft-Windows-Servicing
Time Written: 20110102113605.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: UniversalMes-PC
Event Code: 4386
Message: Windows Servicing required reboot to complete the process of changing update 948610-789_neutral_GDR from package KB948610(Update) into Staging(Staging) state
Record Number: 26836
Source Name: Microsoft-Windows-Servicing
Time Written: 20110102113605.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: UniversalMes-PC
Event Code: 4386
Message: Windows Servicing required reboot to complete the process of changing update 948610-788_neutral_LDR from package KB948610(Update) into Staging(Staging) state
Record Number: 26835
Source Name: Microsoft-Windows-Servicing
Time Written: 20110102113605.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: UniversalMes-PC
Event Code: 4386
Message: Windows Servicing required reboot to complete the process of changing update 948610-787_neutral_GDR from package KB948610(Update) into Staging(Staging) state
Record Number: 26834
Source Name: Microsoft-Windows-Servicing
Time Written: 20110102113605.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: UniversalMes-PC
Event Code: 4386
Message: Windows Servicing required reboot to complete the process of changing update 948610-786_neutral_LDR from package KB948610(Update) into Staging(Staging) state
Record Number: 26833
Source Name: Microsoft-Windows-Servicing
Time Written: 20110102113605.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: UniversalMes-PC
Event Code: 39
Message: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please enable the service and try again.

Operation:
Instantiating VSS server
Record Number: 1367
Source Name: VSS
Time Written: 20110101213033.000000-000
Event Type: Error
User:

Computer Name: UniversalMes-PC
Event Code: 8193
Message: Failed to create restore point on volume (Process = C:\Windows\system32\DrvInst.exe "4" "0" "C:\Users\UniversalMessenger\{3f5e3746-bb3d-453e-b050-813d53ca3a32}\ewmdm2k.inf" "0" "6cbd00b27" "0000053C" "WinSta0\Default" "00000554" "208" "C:\Program Files\Mobile Partner\driver\WinVista"; Descripton = Device Driver Package Install: HUAWEI Incorporated Modems; Hr = 0x8000ffff).
Record Number: 1366
Source Name: System Restore
Time Written: 20110101213030.000000-000
Event Type: Error
User:

Computer Name: UniversalMes-PC
Event Code: 8193
Message: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.

Operation:
Instantiating VSS server
Record Number: 1365
Source Name: VSS
Time Written: 20110101213030.000000-000
Event Type: Error
User:

Computer Name: UniversalMes-PC
Event Code: 39
Message: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please enable the service and try again.

Operation:
Instantiating VSS server
Record Number: 1364
Source Name: VSS
Time Written: 20110101213030.000000-000
Event Type: Error
User:

Computer Name: UniversalMes-PC
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 1331
Source Name: Microsoft-Windows-Search
Time Written: 20110101212045.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: LH-IYQA6BDIR6Y4
Event Code: 4616
Message: The system time was changed.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Process Information:
Process ID: 0x4b0
Name: C:\Windows\System32\svchost.exe

Previous Time: 1:18:21 PM 1/1/2011
New Time: 1:18:21 PM 1/1/2011

This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 765
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110101211822.010600-000
Event Type: Audit Success
User:

Computer Name: LH-IYQA6BDIR6Y4
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 764
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110101211822.291400-000
Event Type: Audit Success
User:

Computer Name: LH-IYQA6BDIR6Y4
Event Code: 4616
Message: The system time was changed.

Subject:
Security ID: S-1-5-21-2155972309-1363494105-88860650-500
Account Name: Administrator
Account Domain: LH-IYQA6BDIR6Y4
Logon ID: 0x6127a

Process Information:
Process ID: 0x15e8
Name: C:\Windows\System32\rundll32.exe

Previous Time: 1:18:19 PM 1/1/2011
New Time: 1:18:19 PM 1/1/2011

This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 763
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110101211819.015600-000
Event Type: Audit Success
User:

Computer Name: LH-IYQA6BDIR6Y4
Event Code: 4616
Message: The system time was changed.

Subject:
Security ID: S-1-5-21-2155972309-1363494105-88860650-500
Account Name: Administrator
Account Domain: LH-IYQA6BDIR6Y4
Logon ID: 0x6127a

Process Information:
Process ID: 0x15e8
Name: C:\Windows\System32\rundll32.exe

Previous Time: 12:18:24 PM 1/1/2011
New Time: 1:18:19 PM 1/1/2011

This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 762
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110101211819.015600-000
Event Type: Audit Success
User:

Computer Name: LH-IYQA6BDIR6Y4
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-2155972309-1363494105-88860650-500
Account Name: Administrator
Domain Name: LH-IYQA6BDIR6Y4
Logon ID: 0x6127a
Record Number: 761
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110101201619.528369-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF------------

#11 Judicandus

Judicandus

    Bleepin' Pasta


  • Malware Response Team
  • 730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Around the world
  • Local time:10:10 AM

Posted 08 January 2011 - 12:24 PM

Hi Universal,

That registry key was most probably added by Free File Viewer 2010, which you have installed.
My suggestion regarding IObit 360 remains the same.

You have no malware in your system ;)

#12 UniversalM

Posted 08 January 2011 - 12:30 PM

Well, from "Switzerland" to "around the world"....I thank you immensely.....so I guess my reward for stripping and reformatting is a working machine....whatever was in it before is no longer there, and I will take note of your comments...360 is already removed...Universal thanks

#13 Judicandus

Posted 08 January 2011 - 12:34 PM

I'm currently in Brazil :) Your thanks have been received ;)

I'm glad we could help!
I'll close the topic so if you need further assistance please send me a PM.



